When your website has sensitive data such as user information, it is important to restrict Admin area access. The main reason is that if malicious users gain Admin access, they can acquire or destroy important data.
The most secure way to ensure that your WordPress admin area is safe is restricting access only to your computer’s I.P address. You can add more than one I.P address.
To follow along with this tutorial, you need access to your root directory files. You can access the root directory either via FTP or via Cpanel. In this illustration, we will be using the Cpanel.
However, if you have FTP access, you can follow because all the important steps are similar.
For this step, you need Cpanel login credentials that can be provided by your web hosting company.
Login into your Cpanel and locate the file manager. Open the file manager.
On the left, open the ‘public_html’ folder to access your website files.
Open the ‘wp-admin’ folder.
Once in the ‘wp-admin’ folder, click on the ‘+file’ button at the top left side of the page.
On the pop-up that appears, write the name of the new file as ‘.htaccess’ then click on the ‘Create New File’ button at the bottom.
Select the new file and click on the edit button at the top bar.
Click on the ‘edit’ button on the pop-up that appears.
Copy and paste the code below in the new file the click on ‘Save Changes’ button. (The code below is for restricting access to two computers)
order deny, allow allow from 192.168.5.1 allow from 123.456.7.8 deny from all
Note: You need to replace the I.P addresses above with your own. Congratulations! You have successfully restricted WordPress Admin area to your preferred I.P address.