By the time admin_init rolls around you should know if you’re doing AJAX or not. If you’re not, then check the IP. Keep in mind that anyone can fake that number.
add_action('admin_init', function() {
if(defined('DOING_AJAX') && DOING_AJAX) {
return; // ignore ajax
};
$ip = $_SERVER[ 'REMOTE_ADDR' ];
if($ip !== '10.0.0.0') {
wp_die(__('You are not allowed to access this part of the site'));
}
});
Related Posts:
- I found this in a plugin. What does it do? is it dangerous?
- How to properly secure my WordPress installation?
- Questions about brute force attacks on the admin username, coming from amazon IP addresses
- Why Better WP security plugin returns 418 I’m a Teapot “error”?
- Weird problems after recovery from security breach
- Escape when echoed
- Preventing BFA in WordPress without using a plugin
- Why isn’t admin_notices displaying my text? [Simple Plugin, Beginner]
- problems with wordpress and php version 5.3.3-1
- WordPress takes too much time (100 seconds) to load – Front end and back end
- WordPress on AWS with ELB
- How to make multiple admin pages for one plugin?
- How can i force wp-admin to use 2-column dashboard layout? [closed]
- Is this plugin safe to run?
- WP Insert Post If user refreshes override new post
- 404 errors when updating options in admin dashboard
- Can I disable xml-rpc by setting it to false?
- WordPress fatal error from php protocol codes
- How can we get this dynamically as this folder may not be by the same name always → wp-admin
- Calling PHP function with AJAX
- WordPress Plugin PHP Not Calling Function
- Is admin section completely customizable in terms of styling?
- Optimized PHP & WordPress settings for speed/performance?
- Admin login substantially slower on production server
- How to add php stylesheet to admin section instead of admin_head hook
- Allow users to download media files directly from Amazon S3 (AWS plugin)
- Fast Tranfering my WordPress site to another server
- How to debug periodic performance issue
- How to rename files during upload to a random string?
- Allow direct access to files/folders within WordPress to replace wp-admin
- Getting 504 Gateway Timeout Error on AWS Server! [closed]
- PHP FATAL ERROR
- Stop the user if login from the cookies
- Disable email notification after change of password
- __(): What if I have to pass in a variable?
- Run WP-CLI using PHP
- How to remove duplicate sub-menu name for top level menu items in a plugin?
- Plugin update error message
- PHP Deprecated: Non-static method should not be called statically
- Why allow overriding crucial pluggable functions wp_verify_nonce and wp_create_nonce?
- Set a User as Author of all ‘New Posts’ posted
- Calling function from within functions.php returns unwanted value
- Prevent Brute Force Attack
- Check if a class exists within a method
- Loading class files via autoload method
- Adding a custom line of text to php code
- Modifying Footnote Plugin for Descriptive Title Attributes
- I would like to use create a function in my custom plugin to tell WP to use a different header
- add_meta_box (Will display only in specific page admin WordPress)
- How to write one comment and publish on every post using database or plugin?
- Make id column as AUTO INCREMENT on plugin activation
- Redirecting to home page after login as custom role WordPress
- Notepad sticky plugin
- WooCommerce Custom Product to checkout
- How to stop or remove an action being called inside a function of an extended class
- How to simultaneously access the same MySQL database in the main column and sidebar of WordPress?
- Date calculations from 2 custom fields
- Default WordPress WP Editor removing style tags and html tag
- Easiest way to add dropdown to a page
- Assign / update custom field value for all posts (How can I assign only to posts without custom field value?)
- How to enable specific plugin only based around shop manager role?
- Adding a new field to the address field type in gravity forms
- Show admin notice on incorrect value on form field
- Why can’t I access my Intranet LDAPS with NADI?
- WordPress adding a menu page when activating a plugin
- Hack-Proof OR Security in WordPress — is it real?
- Redirect to another page using contact form 7? [closed]
- Is wp-app.php or wp-apps.php needed for WordPress?
- Is Timthumb still broken? What security measures should be taken?
- How to distinguish if a plugin is not installed or just not active
- JavaScript in a PHP plugin
- Checking the count within a foreach loop
- Specific way to allow WordPress users to view their current password? And edit it?
- How to prevent plugins from sniffing/stealing other plugins’ options?
- Is there a function to list all uploaded images? How can I add one?
- speed up pagination for huge database
- How to redirect to a page after the form is submitted
- If I use an alternative login (e.g. CAS or other SSO) plugin, is my site protected from the recent brute force login attempts?
- Error activating certain plugins
- Code for unique user visit count on every page WordPress
- Content-Security-Policy implementation with WordPress W3Total Cache plugin installed
- Custom Plugin: How to Include Install Buttons of other 3rd Party Plugins?
- front end editor creation for Restropress plug in – displaying information from a WP admin area, on a different URL
- Failed GET Request From admin.php To Fetch .min.js File From Unminifed Directory
- Cron job shedules replace?
- Create a form and have custom menu display based on user answers?
- https rewrite not working for All in one security Brute force > rename login url
- Can i add custom code in Source in specific page, Header from function.php?
- Problem with conditional woocommerce custom checkout field
- Admin Logged In Notify Globaly
- Editing Global Variables from Inside Functions
- Posting code inside the post instead of in the template file using shortcode
- conditional tags for the output of a plugin
- Can’t insert files in other inputs
- How to tweak a plugin without preventing it from updating
- Place max_execution_time in plugin [closed]
- Notifications Bar on home page only
- wordpress illegal string offset ‘parameter’ error
- Is there any WordPress Plugin that provides video editing from front end side? [closed]
- WordPress website is redirecting on some different shopping page