Categories
WordPress

An access control after such a long time.

   Today, I set an access control for my wp-login.php after such a long time. The reason why I want the AWStats everyday report except for the number of unauthorized accesses for the file wp-login.php.

   About this, I’ve not care for a long time. Because, my sever applications are nearly always up-to-date and its user is just me. But recently, I have a lot of unauthorized accesses for the file wp-login.php than before. I think that the number of them increased after I wrote the post “Snow falling on my blog.“. It is too much and so boring.

   I made a file access-denied.conf like the following and put it into my Apache extra-conf directory. The file also includes some IP addresses I want to deny. Now, it works. Great!!

<Files “wp-login.php”>
Require ip xxx.xxx.xxx.xxx/xx  <<— my local IP addresses
</Files>

<Directory “G:/WEB”>   <<— G:/WEB is my document root.
<RequireAll>
Require all granted   <<— I forget to write here, so added on Mar.1st.
Require not ip xxx.xxx.xxx.xxx/xx
Require not ip yyy.yyy.yyy.yyy/yy
</RequireAll>
</Directory>

Leave a Reply

Your email address will not be published.