Limit WordPress login access by IP from .htaccess

You can limit login access by IP from .htaccess in WordPress and doing so, your website security increases.

Make sure your IP address is not dynamic, otherwise you will be locked-out from WordPress login (until you change the old IP or delete this specific .htaccess rule).

How to limit wp-admin access from .htaccess

All you will have to do is to change 89.76.232.123 from the code below with your IP address.

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^89\.76\.232\.123$
RewriteRule ^(.*)$ - [R=403,L]
</IfModule> 

Any IP other than 89.76.232.123 (in this case) would get a 403 page saying that “You don’t have permission to access /wp-admin on this server.“.