Imagine that you are the manager of a large website that offers a large number of services to a wide range of Internet users on a daily basis and you have hired people to help you manage this site to do your job and manage this large website. In fact, if you have a service website, you must take important information such as name, surname and home or work address and phone number of your customers and users from them and then provide services to them. Like many other great sites, well now imagine that to increase the security of keeping this important information on your site management path where the information is stored by protecting Cpanel with a password, but over time this may be Password hacked. In this article, we will teach you how to restrict users from entering the site management only with specific IPs in Cpanel.
How to restrict access to site management to a specific computer?
The answer is simple! Through IP technology. In fact, every computer that connects to the Internet is assigned a four-part ID, which we call an IP. Each computer has its own unique IP when it enters the World Wide Web, for example, the IP address of our computer is 220.127.116.11, which may change with each connection to the Internet. There are generally two types of IPs:
1- Static IPs: These IPs are always the same and never change.
2- Dynamic IPs: These IPs always change with each connection to the Internet, and our computer is assigned a specific IP.
But now what we want to do to increase the security of our site is to identify the IPs of our employees inside the company. Then apply settings inside the host that only those IPs and with those computers can access our site management.
Of course, this feature is not only used for large companies. Even if you are the only administrator of your site, you can make it possible to access your site management only with your personal computer and internet, and no one other than you can access your site management.
How to create restrictions for entering site paths in Cpanel
1. First, log in to your site’s Cpanel host and click on file manager from the files section.
The contents you see in this path are the basic and structured files of your host. Our advice to you is to never change any of these. You have to do all the work and settings you want in the public_html directory which is the location of your site executable files.
2. To do this, find public_html from this section and double-click on it.
Allow access to WordPress admin login form only with a specific IP
These are the files and contents of our WordPress website. Now, assuming that the domain address of our website is yourdomain.com, if we want to enter the administration of our WordPress site, we type yourdomain.com/wp-admin in the browser and press Enter to open the login page for the WordPress administration.
Now note that if anyone else around the world enters this address in their browser, they can see the login page of our site management.
And if it can find the username and password to log in to the website management, it is very likely that the information security within our website management will be seriously compromised.
We want to apply settings inside the host that only this computer can access this page from our site. To do this, re-enter the Cpanel host file manager.
Now, considering that in order to enter the management of our website, we had to put a / at the end of the site address and write wp-admin, so now we have to enter the wp-admin folder. To do this, select this folder according to the image below and double-click the method to enter it.
How to create an IP restriction to log in to WordPress admin
To do this, we need to put a series of code in the .htaccess file of this folder from the site. Because the .htaccess file is a file that determines the level of access to the site paths. So if we want to create restrictions for people to access the site management paths such as IP restrictions, we must configure this file.
As you can see, this file is in front of us when we selected it. Now in order to be able to add the code we want to this file, we need to be able to edit it. Then right-click according to the image and click the edit button.
As you can see, a series of codes are already included in this file. We have nothing to do with any of these codes and we put the codes we want in the next lines.
Order deny,allow Deny from all Allow from 18.104.22.168
We decide to type these codes ourselves to allow certain IPs to enter this path from our site. So we start writing and typing Order deny, allow.
This line of code means that our commands to do this are in two modes, one deny means no access and the other allow means access. Now in the next lines we have to specify those who want to access this path from the site and those who do not want to access this path from the site. So in the next line, we type Deny from all, which means that all people in the world can not access this path from our site to ease our minds.
Now in the next line I say that except for these IPs that we say and belong to us, others should not be allowed to access. So to access this path from the site by another computer and type Allow from 22.214.171.124.
This line means that the computer with the IP address 126.96.36.199 can access this path from the site and now we are done and we click on the save changes button.
Now to see the final result of the work in the browser, type yourdomain.com/wp-admin and as you can see, a 403 error or the same forbidden will be displayed for us.
How to find a computer ip address on the Internet
There are several solutions to get a computer’s IP address, but the simplest and newest way is to go to the Google site to find the IP address of our computer and search whats my IP. As you can see, Google opens a box for us in the first row of the displayed results, and inside it, it displays the IP address of our computer, which consists of 4 parts, in full.
Now we copy this address completely and re-enter the .htaccess file of the path from our site where we put the code. In the third line, we remove the codes related to the IP address 188.8.131.52 and instead enter the IP address of our computer that we copied from the Google site.
Note: Be sure not to change anything else.
Click the save change button above again.
How to access multiple site computers with different IPs to the site management path
The first step is to re-enter the .htaccess file and refer to the last line you put in that IP line.
Now copy this line completely from the beginning to the end and press enter to go to the next line.
Now in the next line, paste the contents of the previous line that you copied and instead of the IP address of the previous line, type the IP address of another computer according to the image.
Finally, click on the save changes button.
How to set the dynamic IP to enter the site management path
The important thing to note is that 90% of computers are usually dynamic IPs. This means that every time you connect to the Internet, your computer’s IP address changes, and in this case, after changing your computer’s IP, you will not be able to see your site management page, and there are two general solutions to solve this problem:
1- The first way is to contact your internet service provider, for example, the same company from which you provided ADSL, and ask them to provide you with a static IP address. This will not change the IP address of your computer after each time you log in to the Internet, in which case you can easily set only the address of a static IP that never changes in the .htaccess file. After doing this, no one but you can even see the login page of your site management.
2- The second way is that if you do not decide to get a dedicated IP from your Internet service provider and every time your computer’s IP address changes, put your computer’s fixed IP range in the .htaccess file. For example, if you now enter the IP address of 184.108.40.206 and after turning off and turning on your computer, your IP address will be 220.127.116.11, this means that only the last two parts of your IP address will change. So instead of the full IP address of your computer, you can put the two parts that do not change in that file.
For example, if you are sure that the first two parts of your IP address will never change, put 148.251 in the .htaccess file instead of the full IP address. This means that any IP that was originally 148,251 should be allowed to enter the admin page of the site and the last two parts of the IP should not matter.
However, the security of your website is still significantly increased because there are very few computers in the world whose first IP address is 148,251. But if the security of your website is very important to you, we suggest you use the same first method, ie providing a static IP from the service company.
In this article, we tried to teach How to restrict users from logging in to site management in Cpanel. You were also taught how to add custom IPs to log in.