How to block access to wp-admin page

Securing your WordPress login page, or your wp-admin folder, on your WordPress website by blocking outside access to the wp-admin page is very simple. You can take advantage of your website’s hypertext access file located at the root of the WP install and use a specific code to block access your wp-admin age to outside IP address of your choosing. Blocking access to your wp-admin page will help you website become less vulnerable to malicious brute force attacks and unwanted logins.

1. Copy and paste the code below into your .htaccess file.

order deny,allow
deny from all
allow from

2. Change to your IP address: [user_ip]

This will allow your IP address exclusive access to the wp-admin folder and will restrict access to all other IP addresses. You can also add an IP range to the code.

To test this, try accessing your WordPress website’s wp-admin login page from another IP address. A suggestion would be to use a free proxy site such as

Sean Doyle

Sean Doyle is a tech author and engineer with over 20 years of experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and other topics. Sean's content has been featured in numerous publications.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.