Bluelight Dev

  • _
  • X
  • k
  • *
  • Home
  • Dev Blogs
  • SnagIMG
  • SwiftKit
    • SwiftKit Mobile for Android
    • SwiftKit Mobile iOS
    • SwiftKit PC & Mac
  • About
Jun032013

WordPress IIS restrict access by IP address

Developer Blogs2 Comments
0 Flares Filament.io 0 Flares ×

One way to secure WordPress running on Windows IIS is to restrict access to both the wp-admin directory and also the wp-login.php file by IP address. To do this on Linux it’s as easy as placing a .htaccess file in the directory you wish to secure. With IIS though it’s a little different, the guide below will run through how you can secure your WordPress via the IP Address and Domain Restrictions tool in IIS Manager.

Before getting started you will need the following…

  • A WordPress install
  • IIS7
  • Web Platform Installer (link)

Start by opening your IIS Manager. (Start > Run > inetmgr) Under Sites select your website. If you don’t see the IP Address and Domain Restrictions icon then you will need to install it. If you can see it you can skip ahead.

ipaddressmanager

To install the IP Address and Domain Restrictions feature, double click on the Web Platform Installer icon. If this icon isn’t there either then you will need to install the Web Platform Installer from Microsoft. You can download it here.

webplatformicon

Inside the Web Platform Installer, search for IP Address and Domain Restrictions and install it. (It may be called IIS: IP and Domain Restrictions)

Once installed, you will want to select your website on the left hand side under Sites, and then expand it and select your wp-admin directory. Once selected double click on IP Address and Domain Restrictions.

iis-restrict-wp-admin

First up you will want to set the Feature Settings (right hand side menu) to deny. This will deny all access to our selected wp-admin directory. We then want to setup our whitelist of IP Addresses. If you wish to use domains in your allow list then you will need to enable it in the Feature Settings window.

To start adding the IP addresses or domains you wish to allow, click on the Add Allow Entry… link on the right hand side. You can add a single IP Address, an IP Address Range or a domain name (if the domain option isn’t there or disabled go back to Feature Settings and enable domains.

iis-restrict-wp-ips

Once you’re finished with wp-admin, you might also wish to do the same with wp-login.php. If you can’t see the wp-login.php file on the left hand side under your site, click on the Content View button. Find wp-login.php and then click the Switch to Feature View… option on the right hand side. From there you will see wp-login.php is selected and you can open the IP Address and Domain Restrictions feature.

All done! You should now see a 403 Access Denied error when trying to access the restricted content from an unlisted IP.

0 Flares Twitter 0 Facebook 0 Google+ 0 LinkedIn 0 Reddit 0 Filament.io 0 Flares ×
iis iis7 ip php security windows wordpress wp-admin wp-login

Popular Posts
SwiftKit for Mac! January 8, 2011
Get List of Open Chrome Tabs .NET February 22, 2014
SwiftKit Statistics February 4, 2009
SwiftKit MS - Initial Stages March 3, 2009
SwiftKit Mobile for Android July 8, 2010

Twitter

Tags

account android api applet feature icons iis iis7 imageshack imgur integrate integration ip lion mac mobile multi monitors php screenshot security snagimg social socialize SwiftKit update upload v0.3.0b windows wordpress wp-admin wp-login

About

Bluelight Dev is an organization that has been formed by the same team that brought you the most popular and widely used RuneScape Toolkit – SwiftKit.

The main purpose of forming Bluelight Dev was to allow us to create and work on other new and exciting products and services, while staying under the same parent name.

Copyright 2015. All rights reserved.

  • _
  • X
  • k
  • *