Avert Attacks on Your Site with This Simple Technique

Here’s a very simple way to avert attacks on your WordPress site. In most cases, hackers will try to attack a WordPress site by directly accessing wp-login.php or admin-ajax.php.The following code, added to your site’s .htaccess file, redirects hackers to a fake url. Make sure you change the IP address to your IP address in the code, otherwise you’ll be redirected as well.

Grant a single IP Address access:

## .htaccess rule to prevent an attack that from happening on this site.
# Please edit the 123.45.67.89 numbers to match your own IP address.
# For example, the IP 64.207.234.198 needs to
# be changed to look like !64.207.234.198 in the rule.
##

    RewriteEngine On
    RewriteCond %{REMOTE_ADDR} !123.45.67.89 [NC]
    RewriteRule .*  [R=301]

To grant multiple IP addresses access, change the following line:

RewriteCond %{REMOTE_ADDR} !123.45.67.89 [NC]

To:

RewriteCond %{REMOTE_ADDR} !(123.45.67.89|123.45.67.89) [NC]