Protecting WordPress admin area

Gary Stevens —

Last updated:

In my WordPress admin I saw that Sergej Müller and Alex Frison had written an article about protecting WordPress admin area in which they linked to my htpasswd generator. I have only skimmed through the article, but they give some good suggestions on how to protect your WordPress admin from unwanted intruders such as hackers. My own simple approach is to only allow known IPs to access the wp-admin directory. Here is how I do it with .htaccess:

Order Deny,Allow
Deny from all
allow from

Just change “” to your IP. You can find your IP on my browser check page, just look for “Remote Address”. You can ofcourse add another “allow line” to above code, if you want to use the WordPress admin from multiple computers.