Secure your wp-admin folder in WordPress


Sometimes you will see that your site has been compromised by hacker. You may have seen that they do it by hacking your wp-admin folder. Your site might be public but you can restrict your wp-admin folder by providing little extra security with a htaccess file. You can limit access to this folder for some IP addresses. Any attempts at accessing any file within this folder will be greeted with a Forbidden error message.

You have to create a .htaccess file in your wp-admin folder and place this code there. Be sure of one thing this is not the .htaccess file of your root folder.

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic

order deny,allow
deny from all
allow from xx.xx.xx.xx
allow from xx.xx.xxx.xx


Leave a Reply