WordPress won’t care about the IPs, It’s Apache’s job to map IPs to your vhosts. You need to look at the Apache config: set up either 5 separate VirtualHost entries that all point to the same DocumentRoot, or tell Apache to listen on all available IPs, and use a wildcard match on a single VirtualHost … Read more
Don’t know about more extensive solutions but this can be accomplished with tiny plugin which will check IP (in $_SERVER) at some stage of load and die on match. Had you looked through official repository? There is IP tag.
Just add a check for the log in status: add_filter( ‘pre_comment_user_ip’, ‘wpse_53935_no_ip_for_logged_users’); function wpse_53935_no_ip_for_logged_users( $ip ) { return is_user_logged_in() ? 0 : $ip; }
If I understand you, don’t use ‘localhost’. That only works if you are testing from the same machine that is running the server. (A virtualized machine counts as a different machine.) Give your server (the machine running the server) a static IP address– something like 192.168.1.5– and use that instead of ‘localhost’. That will work … Read more
Despite that this approach may be flawed by the fact that it can be by-passed using proxies, here is a simplistic (yet untested) approach, which you would need to improve upon but would give you the foundation for achieving your desired goal. The process as I see it: filter user registerations on the pre_user_login or … Read more
IMHO this is not the best method of protecting your WP Admin. IPs can be spoofed. This method also restricts you to specific IPs which can be annoying if you wish to access it from a different office/location. I’d recommend either a simple server-based password protection on the wp-admin directory. Of course, the downside is … Read more
IP address validation during authentication – for a selected user only Here’s a way to hook into the authenticate filter and validate the IP address for a given user during authentication. The user can see the invalid IP address error like shown here: /** * Validate IP Address During Authentication – For A Given User … Read more
You can use wp_login_failed action for that purpose… It’s called at the end of wp_authenticate, if user credentials were incorrect. function my_log_brute_force( $username ) { $ip_address = $_SERVER[‘REMOTE_ADDR’]; // store that info somewhere file_put_contents( ‘bf-log.txt’, date(‘c’) . “\t{$ip_address}\t{$username}\n”, FILE_APPEND ); } add_action( ‘wp_login_failed’, ‘my_log_brute_force’ ); Also this article may be helpful: Getting real IP address … Read more
This functionality is not directly available, you’ll have to track the logins inside the database(probably as a transient) & check if that transient is available. function check_for_admin() { $user = wp_get_current_user(); if(in_array(‘administrator’, $user->roles)) set_transient(‘admin_ip’, get_ip(), 60*10); } add_action(‘init’, ‘check_for_admin’); After that you can use get_transient(‘admin_ip’) & check if it’s available For retrieving the IP, you … Read more
If it’s information that logically belongs to a post/page – you store it in postmeta (with update_post_meta function). If it’s something that pertains to a user – usermeta table is for you. More still, there’s Settings API in case you have a plugin that needs to persist any settings. From your question it is somewhat … Read more