Support

Admin Tools for WordPress

#39264 Access to website only by whitelisted IP's

Posted in ‘Admin Tools for WordPress’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

WordPress version
6.2.2
PHP version
8.2
Admin Tools version
1.6.1

Latest post by joostbloom on Friday, 28 July 2023 08:17 CDT

joostbloom

Hi,

Is it possible to use Admin Tools for blocking the website (frontend) to all users except those with a certain ip? So not only the backend but also the frontend.

Thanks and regards,

Joost

nicholas
Akeeba Staff
Manager

No, there is no need for Admin Tools to do something that your web server is perfectly capable of doing itself.

If you want to only allow the IP address 198.51.100.123 to access your site you need to add the following to your .htaccess file (at the very bottom):

Order deny,allow
Deny from all
Allow from 198.51.100.123

If this does not work on your web server your host is most likely using Apache 2.4 where the syntax is different, and simpler

Require ip 198.51.100.123

Since this is in the .htaccess at the root of your site, the IP restriction is applied throughout your site, on all resources, even static files. This is a far better protection than only blocking WordPress itself for what I reasonably assume is your use case: test the site on a public server without letting anyone but you see it until it's ready.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

tampe125
Akeeba Staff

Hello,

yes, what you're looking for is an edit for the "Emergency Offline mode": https://www.akeeba.com/documentation/atwp/emergency-offline.html

What you'll have to do is to edit the .htaccess file, if you look at the example image, you'll have to edit the line with the IP address 127.0.0.1 (in your case it will be different)

It should become something like this:

!(127\.0\.0\.1|127\.0\.0\.2)

You have to concatenate the IP address with a pipe char. Please remember to add a backslash in front of each dot of the IP address. As you can see this works "fine" for only a bunch of IP addresses, if you have several it becomes very impractical.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

joostbloom

Thanks!

This did the trick!