Secure your WordPress Access

Secure your wp-admin and wp-login URLs so you don’t regret it later. One of the key benefits when using seedUp is the ability to quickly make changes to your live site with it’s built in editor. This gives you the power to manipulate things on the fly without the need to upload files, use methods like FTP that are not secure, and make quick modifications when it matters most. You should always be sure to lock down your WordPress admin and login so that you are sure it is 100% secure. In addition, make sure you only have one admin user, make sure the password is strong, and don’t use the admin userĀ unless you really need to. To lock down your administrator access, head over to your WordPress seed’s editor in seedUp and edit the htaccess.

Secure your htaccess with seedUp

Update your WP .htaccess

Add the following code to your htaccess file

    ErrorDocument 401 /index.php?error=404
    ErrorDocument 403 /index.php?error=404
 
        
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteBase /
        RewriteRule ^index\.php$ - [L]
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule . /index.php [L]

        RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
        RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
        # white list IP address with access here
        RewriteCond %{REMOTE_ADDR} !^123.123.123.123
        RewriteRule ^(.*)$ - [R=403,L]
    </IfModule> 
         
  

Make sure to backup your htaccess file prior to making these changes. You can do this easily in the editor by right clicking the file and choosing “Copy”, then “Paste” it as something like “htaccess.bak”

Once this is complete, your admin will only be accessible from the IP address listed in your htaccess file. If you don’t know what your public facing IP address is you can visit: http://whatismyip.com, or type “what is my ip address” into Google. Remember, it’s not your local address, so visiting your system settings and viewing your IP will not work if your behind a router, or part of a network (most likely).