We’ll show you how to use the .htaccess file to limit access to the admin directory by IP address in this post
To begin, make a backup of your .htaccess file, which is located in your /wp-admin/ folder.
Note: Do not put these codes into your Root .htaccess file. It must be in the /wp-admin/.htaccess directory. If you don’t see that file, build a new one in your wp-admin folder and name it.htaccess.
Then paste the following code into the file:
AuthUserFile /dev/null AuthGroupFile /dev/null AuthName "WordPress Admin Access Control" AuthType Basic <LIMIT GET> order deny,allow deny from all # whitelist Syed's IP address allow from xx.xx.xx.xxx # whitelist David's IP address allow from xx.xx.xx.xxx # whitelist Amanda's IP address allow from xx.xx.xx.xxx # whitelist Muhammad's IP address allow from xx.xx.xx.xxx # whitelist Work IP address allow from xx.xx.xx.xxx </LIMIT>
Copy and paste your IP address before uploading the file. Click here to find out what is your IP address.
Make sure you list all of your IP addresses here if you have more than one. If you ever use it, for example, Work, Home, and Vacation IP. You’ll need to add an extra IP address each time you wish to access your wp-admin panel from a different location. This is the sole disadvantage of this hack, but it will protect your wp-admin folder.