
Deny Access to wp-admin unless ip = mine

Daniel
28 September 2015, 22:19
Hello all,

I have a fully working, secure and VERY FAST installation of WordPress on a Hiawatha, MariaDB, php5-fpm, Debian 7.9 server. I'm a Hiawatha convert!

Just a quick and simple question I hope. As the title says, can I deny access to wp-admin unless ip = mine?

I have found the following posted on this forum, though I'm no code junkie and can't work out how to get the results I'd like. Duh!

UrlToolkit {
ToolkitID = my_website
Match ^/directory1/ DenyAccess
Match ^/directory2/ DenyAccess
Call wordpress
}


Obviously, I name the toolkit how I like. The rest I thought I'd have a stab at...

match ^/wp-admin/ DenyAccess
match ^/wp-login.php DenyAccess
Call wordpress


Am I even on the right track?

Thanks
Daniel
Hugo Leisink
28 September 2015, 22:23
Place an AccessList option in a .hiawatha file in the /wp-admin/ directory.
AccessList = allow <your ip-address>, deny all
Daniel
29 September 2015, 21:30
Oh, ok, so I wasn't even close

Sorry for the late reply. I've been working my way through the documentation (which is excellent by the way) trying to find an answer for myself instead of bothering you.

Knowing now that AccessList is the best way to go, I added this to the vhost as a Directory {} instead. It seemed like the better option based on another thread you commented on.

Unfortunately, AccessList only works on directories and I can't seem to find a similar approach for single files that's not all or nothing.

Is there a way to both allow my IP and deny everyone else for specific files?

As always, thanks for your help.

Hugo Leisink
29 September 2015, 23:28
No, AccessList works for directories only.
Daniel
30 September 2015, 02:29
Thanks for the clarity Hugo.

Sorry, I'm a little naive when it comes to this stuff. To my mind, considering that WordPress files such as wp-login.php cannot be blocked by file system permissions, replaced with softlinks, or efficiently blocked by framework plugins, it seems like a good one to put on the feature requests board?


Hugo Leisink
1 October 2015, 08:56
Well, I don't know about this one. I'm quite reluctant towards implementing features because web developers failed to implement proper security into their application. I don't want Hiawatha to become bloated because of these kinds of features.

How about you add the following line to the beginning of wp-login.php?
if ($_SERVER["REMOTE_ADDR"] != "<your_ip>") exit;
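
A fuller form of the one-line check suggested above, as an added example that is not part of the original post or of Hiawatha or WordPress: it accepts several addresses and CIDR ranges, fails closed on malformed input, and answers with 403. It assumes PHP 7.1 or later (the server in this thread ran php5-fpm); the constant, the function names and the addresses are hypothetical.

```php
<?php
// Added example: allow-list guard; addresses are constructed placeholders.
const LOGIN_ALLOWLIST = ['203.0.113.10', '198.51.100.0/24', '2001:db8:1::/48'];

// True when $ip equals $entry or lies inside it when $entry is a CIDR block.
function ip_matches(string $ip, string $entry): bool
{
    [$net, $bits] = array_pad(explode('/', $entry, 2), 2, null);
    $ipBin  = @inet_pton($ip);
    $netBin = @inet_pton($net);
    // Unparseable input or mixed IPv4/IPv6 families never match.
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false;
    }
    $maxBits = strlen($netBin) * 8;
    if ($bits === null) {
        $bits = $maxBits;                 // bare address: exact match
    } elseif (!ctype_digit($bits) || (int) $bits > $maxBits) {
        return false;                     // malformed prefix must not widen access
    }
    $bits  = (int) $bits;
    $bytes = intdiv($bits, 8);
    if (substr($ipBin, 0, $bytes) !== substr($netBin, 0, $bytes)) {
        return false;
    }
    $rem = $bits % 8;
    if ($rem === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rem)) & 0xFF;  // high $rem bits of the next byte
    return (ord($ipBin[$bytes]) & $mask) === (ord($netBin[$bytes]) & $mask);
}

function login_allowed(string $remoteAddr, array $allowlist): bool
{
    foreach ($allowlist as $entry) {
        if (ip_matches($remoteAddr, $entry)) {
            return true;
        }
    }
    return false;
}

// REMOTE_ADDR is the TCP peer the web server saw; behind a reverse proxy it
// is the proxy's address. A missing or unparseable value is refused.
if (!login_allowed($_SERVER['REMOTE_ADDR'] ?? '', LOGIN_ALLOWLIST)) {
    http_response_code(403);
    exit;
}
```

When pasting into wp-login.php, drop the opening tag and place the rest directly after the file's own `<?php` line. A WordPress core update replaces wp-login.php, so the guard has to be re-applied afterwards.
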
Daniel
1 October 2015, 21:19
Sure, I understand. Hiawatha's size, simplicity and efficiency are the reasons I was attracted to it. I'll give that bit of PHP a go later when I've gotten home. It's very good of you to provide it. I was wondering if I could do it that way efficiently; however, I do not know PHP well enough.

Thanks again.
This topic has been closed.