A lot of crap has been going around lately mainly this, http://wordpress.org/support/topic/168964 and while this isn't a end all solution to be being hacked, this can help create an htaccess in your wordpress admin and put this in it #iprestriction allow from 1.2.3.4 #endiprestriction deny from all Code (markup): where you see 1.2.3.4 you wanna put your ip, and add an extra line for each user of your blog with their ip there is some nasty stuff happening lately, people blogs completely disappearing, so any and all extra protection is good for the admin
What about those who do not have a static IP? I don't wanna use my work IP, although I do most of my site administering when i am at work.
I don't have a static ip personally, but it changes so infrequently it makes no difference for me why wouldn't you use a work ip? no one but you can ever know what is in the file. as for dynamic ip's, just log in and change it when you get a new one is the only thing I can tell you
Makes sense... I guess I'll do that. Is there anyway you can limit it to everything after 68.XXX.XXX.XXX for example?
And just to be clear, because I am only on Wordpress for two months and not yet proficient; will this stop my registered users from logging-in. What does registration get you? I'm talking ordinary users, not people added as admins or writers.
yes, it will affect your users registration, the one thing you will need to do is set up your wordpress to redirect to the main page after they log in instead of wp-admin, which IMO is a good idea anyway I have not done this in the past, but I can learn how and let you know if need be
for that want it, I figured out how to redirect users to the main page after logging in in the wp-login.php on line 352 $redirect_to = 'wp-admin/'; Code (markup): change to $redirect_to = '/';
aye excellent....I hope no one hacks me tonight because I'll definitely do this tomorrow. Thanks mate.