How to Restrict Access to the WordPress wp-admin to Only Allow My IP Address?


Premium Member
Nov 23, 2012
Hello everyone,

I'm looking to enhance the security of my WordPress site, and I'd like to restrict access to the wp-admin area so that only my IP address can log in. This would provide an additional layer of protection against unauthorized access.

Has anyone here implemented this feature before, and if so, could you please share your insights and step-by-step instructions on how to set it up? I'd greatly appreciate any guidance or best practices in accomplishing this.

Thank you in advance for your assistance!


Active member
Dec 17, 2013
To enhance the security of your WordPress site, you can restrict access to the wp-admin area so that only your IP address is allowed to log in. This additional layer of protection can help prevent unauthorized access to critical areas of your website. Here's a step-by-step guide on how to set it up:

Access Your Website's Files: To get started, you'll need access to your website's files. You can do this through your hosting control panel or by using an FTP (File Transfer Protocol) client. These tools allow you to navigate and manage your website's files and directories.

Locate the .htaccess File: In the root directory of your WordPress installation, you'll find a file named ".htaccess." This file is crucial for configuring server-level settings for your website. It's essential to handle it with care, as it can impact your site's functionality.

Backup Your .htaccess File: Before making any changes to the .htaccess file, it's essential to create a backup. This backup ensures that you can easily revert to the original settings if anything goes wrong during the process. You can create a backup by right-clicking the .htaccess file and selecting "Copy" or by downloading it to your computer.

Edit .htaccess: Now that you've backed up your .htaccess file, you can proceed to make the necessary changes. Right-click on the .htaccess file and choose the "Edit" or "Code Edit" option. If these options are not available in your file manager, you can download the file to your computer, edit it there, and then upload the modified file back to your website.

Add the IP Restriction Rules:

Inside your .htaccess file, you'll need to insert specific code to restrict access to the wp-admin area based on your IP address. Here's the code you should add:

<Files wp-login.php>
order deny,allow
deny from all
allow from YOUR_IP_ADDRESS
In this code, replace "YOUR_IP_ADDRESS" with your actual IP address. To find your current IP address, you can simply search "What is my IP" on Google, and it will display your IP address.

Save and Upload:

Once you've added the IP restriction code to your .htaccess file, save your changes. If you had previously downloaded the .htaccess file for editing, upload the modified file back to your website's root directory. Ensure that it replaces the existing .htaccess file.

Test Access:

To verify that the IP restriction is functioning correctly, attempt to access your WordPress wp-admin area from a different IP address. You can also open an incognito or private browsing window to simulate a new IP address. If your IP address is not allowed, you should see an "access denied" message, indicating that the restriction is working as intended.

You'll successfully restrict access to your WordPress wp-admin area, allowing only the specified IP address to log in. This added layer of security can help safeguard your website from unauthorized access to critical administrative functions. Remember to keep your .htaccess file updated if your IP address changes or if you need to grant access to other trusted users or developers in the future. Regularly monitoring and maintaining your website's security is essential for its long-term health and protection.
Older threads
Latest threads
Recommended threads
Similar threads

Referral contests

Referral link for :


Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.