WP-login.php Protection
You can use this document to learn how to protect wp-login.php
from unwanted IP addresses.
Based on the script's configurations, this process will deny access to wp-login.php
to specified IP addresses. For example, if you have a blog with multiple authors, then you should not use this script.
In the following example, the route is: wp-login.php
Review the following sample script:
addEventListener('fetch', event => {
event.respondWith(fetchAndApply(event.request))
})
async function fetchAndApply(request) {
//Create an Array of whitelisted IP's that can login to WP
var whitelist = ["192.168.1.1", "192.168.1.2"];
//If client's IP is not in the whitelist deny access
if (!whitelist.includes(request.headers.get('x-sp-client-ip'))) {
return new Response('Access Denied',
{ status: 403, statusText: 'Forbidden' })
}
return fetch(request)
}
You can access your script with any of the Delivery Domains on your account.
Based on the above example, you can access the script with: https://domain.com/wp-login
Updated 30 days ago