Web Hosting

Please find below our list of Web Hosting guides to help with your hosting account.

Security: WordPress Admin Dashboard IP Protection

This article was posted in: Web Hosting

Onyx is pre-built with a feature which allows site administrators to restrict access to the WordPress Admin Dashboard by IP. This guide describes how to enable and configure this feature.

IMPORTANT NOTICE:
Just to be clear, the Admin IP protection in this guide refers to the admin area of the WordPress website itself and any IP restrictions are in addition to those you may have configured within standalone plugins. IP restrictions do not cover the Onyx Portal itself.

Enable / Disable Admin IP Protection

To enable the Admin IP protection feature:

  1. Login to your Onyx Portal
  2. Click the site you wish to configure Admin IP protection for.
  3. Click Settings -> Admin IP Protection on the left-hand menu
  4. Click Enable IP protection

To disable the Admin IP protection feature:

  1. Login to your Onyx Portal
  2. Click the site you wish to configure Admin IP protection for.
  3. Click Settings -> Admin IP Protection on the left-hand menu
  4. Click Enable IP protection
Create / Remove an permitted IP address

To permit a new IP address:

  1. Login to your Onyx Portal
  2. Click the site you wish to configure Admin IP protection for.
  3. Click Settings -> Admin IP Protection on the left-hand menu
  4. Click Create an authorised user
  5. Enter the permitted IP address in the Permitted IP addresses section
  6. Click Add Permitted Address.

The IP address has now been added to the permitted list. Access to the WordPress Admin Dashboard from the added IP will now permitted. Note – the user may still need to sign into WordPress using their own user credentials.

To prohibit access from an already permitted IP:

  1. Login to your Onyx Portal
  2. Click the site you wish to configure Admin IP protection for.
  3. Click Settings -> Admin IP Protection on the left-hand menu
  4. Click Remove next to the IP address you wish to prohibit
  5. Confirm the action when prompted

The IP address has now been removed from the permitted list. Access to the WordPress Admin Dashboard from the removed IP will now fail.