Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to Protect WordPress from Attacks with .htaccess plugin?

Posted on 2014-02-23
3
Medium Priority
?
380 Views
Last Modified: 2014-03-14
Some of my wordpress sites have been attacked by brute-force attacks. The hosting company put in an .htaccess file and limited access to the wp-login.php file to only specific IP addresses.

I was previously using a plugin called "limit login attempts", but this plugin still results in server overload during an attack.

Question: Are there plugins available today that will EASILY modify the .htaccess files so that only specified IP addresses will have access to the admin panel? I have several WordPress sites that I either administer directly for my clients, or my clients assume that I will keep them protected while they administer the site, so I want to keep this as easy as possible - both for me and the client.

Thank you.
0
Comment
Question by:Lev Seltzer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 2000 total points
ID: 39880827
Both WordFence and Better WP Security can do it, but you should test that.  If you subscribe to Sucuri then you also get access to their plugin for WordPress and it will also lock down the admin.

One other thing to consider is moving the targeted sites to a more security-conscious host...
0
 

Author Comment

by:Lev Seltzer
ID: 39915778
I use secure paid version for a different website, but the free version does not seem to have this option. It may be that there are no programs that directly modify the .htaccess file, which is what I need. Otherwise, the robot will still waste the server's time while the lookup is made to determine that the IP is not accepted.
0
 
LVL 70

Assisted Solution

by:Jason C. Levine
Jason C. Levine earned 2000 total points
ID: 39916618
Again, don't know for sure if a plugin will do this in the exact way you want.  The actual changes are simple enough:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.121$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.122$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123$
RewriteRule ^(.*)$ - [R=403,L]
</IfModule> 

Open in new window

0

Featured Post

Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Who says nothing in life is free? WordPress.com is a freebie. WordPress.org's downloadable publishing platform is free. Heck, even WordPressMU is free. WordPress is an open source project, which means it can be used on any personal or commerc…
This article shows the steps required to install WordPress on Azure. Web Apps, Mobile Apps, API Apps, or Functions, in Azure all these run in an App Service plan. WordPress is no exception and requires an App Service Plan and Database to install
The purpose of this video is to demonstrate how to add AdSense Ads to a WordPress Website, and how to set up WordPress to automatically place Ads in Sidebars. This will be demonstrated using a Windows 8 PC. Log into your AdSense account. : Cli…
The purpose of this video is to demonstrate how to set up basic WordPress SEO. This will be demonstrated using a Windows 8 PC. The plugin used will be WordPress SEO by Yoast. Go to your WordPress login page. This will look like the following: myw…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question