Secure the WP Admin Folder in WordPress Using htaccess

To protect your WordPress wp-admin folder from everyone else apart from you, you can add a htaccess file in the /wp-admin folder to allow only access from your IP address and everyone else will be denied and receive a ‘Page Not Found‘ 404 error.

This ensures no-one can even get to the login screen which is a great way to better protect your site.

The file must be named:


File it in:


And its content should be as below – but swapping in your IP address:

<FilesMatch ".*">
 Order Deny,Allow
 Deny from all
 Allow from 12.34.567.890

This will deny access to anyone that does not have the specific IP address to that directory.

Leave all Comment