Lock down wp-login.php by ip address

Sick of wordpress login getting slammed by bots and bringing the server to its knees. Most of the plugins and solutions out there seem way too complicated for our needs. So for now I am just putting some code into the top of wp-login.php to block anyone but the very few people who should be logging in. Note that this will get lost and require replacing after WordPress updates.


# Custom wp-login security added 8-21-2013
# 11.22.33.44 = Me
# 55.66.77.88 = My friend
# 127.0.0.1 = localhost

$allowed = array('11.22.33.44','55.66.77.88','127.0.0.1');

if($_SERVER["REMOTE_ADDR"]){
  $ip = $_SERVER["REMOTE_ADDR"];

  if(!in_array($ip, $allowed)){
    print "Sorry but you do not have permission to access this page from $ip";
    exit();
  }
}
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *