Title: WP-Login and WP-Admin Whitelist
Author: SwiftNinjaPro
Published: <strong>March 1, 2019</strong>
Last modified: November 4, 2020

---

Search plugins

![](https://ps.w.org/swiftninjapro-wp-login-whitelist-ip/assets/banner-772x250.png?
rev=2105057)

This plugin **hasn’t been tested with the latest 3 major releases of WordPress**.
It may no longer be maintained or supported and may have compatibility issues when
used with more recent versions of WordPress.

![](https://ps.w.org/swiftninjapro-wp-login-whitelist-ip/assets/icon-128x128.png?
rev=2155588)

# WP-Login and WP-Admin Whitelist

 By [SwiftNinjaPro](https://profiles.wordpress.org/swiftninjapro/)

[Download](https://downloads.wordpress.org/plugin/swiftninjapro-wp-login-whitelist-ip.zip)

 * [Details](https://wordpress.org/plugins/swiftninjapro-wp-login-whitelist-ip/#description)
 * [Reviews](https://wordpress.org/plugins/swiftninjapro-wp-login-whitelist-ip/#reviews)
 *  [Installation](https://wordpress.org/plugins/swiftninjapro-wp-login-whitelist-ip/#installation)
 * [Development](https://wordpress.org/plugins/swiftninjapro-wp-login-whitelist-ip/#developers)

 [Support](https://wordpress.org/support/plugin/swiftninjapro-wp-login-whitelist-ip/)

## Description

A Plugin That only allows whitelisted IP’s, or optionally whitelisted browsers, 
to access wp-login.
 This plugin does Not effect front-end login plugins. If an 
IP is not whitelisted, the wp-login page will be killed and replaced with a message
saying “your IP/Browser is not whitelisted”, or optionally redirect the user to 
404 page instead.

A better way to hide wp-login. You can add a list of admin IP’s to this plugin, 
where you want to allow usage of wp-login.
 Even if you have other users that login,
its better to use another plugin for a more secure front end login, and this plugin
will only allow a specific list of IP’s to access the wp-login page. You can also(
optionally) have this plugin attempt to redirect anyone to 404 page, if they try
and access wp-login without the right IP. You can also choose to disable the 404
redirect, and instead tell users there IP is not whitelisted, and that they should
contact the admin if this is in error. The plugin does Not block wp-admin, so once
logged in, you can still edit your site on the go. The plugin also has an option
to whitelist your favorite common browsers to wp-login. This means you can keep 
users from accessing the wp-login page, simply because there using Internet Explore,
and not what you chose to allow. There is another option (which may return false
positives), that attempts to check if the source of an IP is commonly used by a 
proxy server, and can block proxy IP’s to try and reduce spoofing.

## Screenshots

[⌊the Swiftninjapro wp-login Whitelist IP settings⌉⌊the Swiftninjapro wp-login Whitelist
IP settings⌉[

the Swiftninjapro wp-login Whitelist IP settings

## Installation

 1. Upload plugin to the /wp-content/plugins
 2. Important: Make sure you have cpanel or filezilla working and connected to your
    website, so if you forget to add your IP and get locked out of wp-login, you can
    disable the plugin
 3. Activate the plugin through the ‘Plugins’ menu in WordPress
 4. Add your IP to the list of whitelisted IP’s in Swiftninjapro wp-login Whitelist
    IP settings (the admin settings page will tell you your Current IP)
 5. Check the setting “Plugin Enabled” To Enable wp-login Whitelist IP And Click Save

## FAQ

### What do I do if I forgot to add my IP to the whitelist and can Not access wp-login

To reactivate the plugin: (requires version 1.10 or later)
 1. on your site, go 
to: /admin-login-whitelist-recovery 2. enter the page password “gHxXeVwvuz6Cez3”(
You will still need to verify disabling the plugin through an admin email) 3. follow
the directions on that page After that, the plugins “Enabled” setting will be disabled,
and the plugin will not run, and settings will still be accessible. Note: The email
must be an admin users email. The email will also be rejected if the account is 
less than a week old.

If that fails, you can do 1 of 2 things:
 1. Contact your host, and ask them to 
disable the plugin manually 2. Use FTP, Filezilla, or cpanel, then (click “File 
Manager”, if using cpanel) navigate to public_html/wp-content/plugins, then find
the folder “swiftninjapro-wp-login-whitelist-ip” and rename it to “swiftninjapro-
wp-login-whitelist-ip-off” to disable the plugin.

### Does this work on wp-login even if I change the name with other plugin

yes, this plugin uses wordpress functions wp_login_url(), wp_registration_url(),
etc. to get an accurate url based on what your website uses.

### Does this block plugins from logging in users through front-end

no. only the backend wp-login is blocked, you can still use a front end login for
your users if you want to.
 note: if your front end login plugin uses wp-login, 
you will need to enable a setting in this plugin, for your front end login plugin
to work.

### what happens to a user if there IP is not whitelisted

The plugin will kill the wp-login url for non-whitelisted IP’s, and (optional by
the admin) display a message saying there IP is not whitelisted, or redirect them
to the 404 page.
 The plugins displayed message will also suggest a blocked user
contact the admin if the block was in error.

## Reviews

There are no reviews for this plugin.

## Contributors & Developers

“WP-Login and WP-Admin Whitelist” is open source software. The following people 
have contributed to this plugin.

Contributors

 *   [ SwiftNinjaPro ](https://profiles.wordpress.org/swiftninjapro/)

[Translate “WP-Login and WP-Admin Whitelist” into your language.](https://translate.wordpress.org/projects/wp-plugins/swiftninjapro-wp-login-whitelist-ip)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/swiftninjapro-wp-login-whitelist-ip/),
check out the [SVN repository](https://plugins.svn.wordpress.org/swiftninjapro-wp-login-whitelist-ip/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/swiftninjapro-wp-login-whitelist-ip/)
by [RSS](https://plugins.trac.wordpress.org/log/swiftninjapro-wp-login-whitelist-ip/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.10

Moved recovery page to front end (password protected)

#### 1.9

Added recovery page in case ip not whitelisted (requires admin)

#### 1.8.1

Updated Function to detect browser
 Usage of new Function can be enabled in the 
plugin settings

#### 1.8

Added option to add wp-admin whitelist

#### 1.7.2

Modified block message shown when 404 redirect option is disabled
 – no longer mentions
existence of a plugin – now provides debug suggestions (like changing wifi network
or using a different browser) Settings page now grabs admin url from a wordpress
function to provide better compatibility with plugins that may change the admin 
url

#### 1.7

Improved compatibility with plugins that use wp-login redirects
 This new compatibility
can be enabled in settings and is optional

#### 1.6

Browser Detection Now Includes Microsoft Edge
 Microsoft Edge no longer returns 
as Google-Chrome

#### 1.5.3

Added option to block common proxy server IP’s

#### 1.5.2

bug fix
 fixed small php error where multi-line ip list was getting phrased weird
and invisible encoding for extra lines (added by default from a common php function)
was causing a difference between the userIP and the ip whitelist ip list now recognizes
multiple ip’s in a list

#### 1.5

plugin now (optionally) kills the page and displays a message instead of sending
a non-whitelisted user to a 404 page

#### 1.4

changed the settings layout
 updated option names organized naming system reorganized
plugin layout

#### 1.3.2

bug fix

#### 1.3

Added Option To Whitelist Browser

#### 1.2

put settings under a tab which will be shared with other plugins by SwiftNinjaPro

this will help reduce the space taken up in admin menu if you use multiple plugins
by SwiftNinjaPro 😀

#### 1.1.1

bug fix

#### 1.0

First Version

## Meta

 *  Version **1.11.1**
 *  Last updated **6 years ago**
 *  Active installations **10+**
 *  WordPress version ** 3.0.1 or higher **
 *  Tested up to **5.5.18**
 *  PHP version ** 5.2.4 or higher **
 * Tags
 * [login](https://wordpress.org/plugins/tags/login/)[security](https://wordpress.org/plugins/tags/security/)
   [whitelist](https://wordpress.org/plugins/tags/whitelist/)[wp login](https://wordpress.org/plugins/tags/wp-login/)
   [wp-admin](https://wordpress.org/plugins/tags/wp-admin/)
 *  [Advanced View](https://wordpress.org/plugins/swiftninjapro-wp-login-whitelist-ip/advanced/)

## Ratings

No reviews have been submitted yet.

[Your review](https://wordpress.org/support/plugin/swiftninjapro-wp-login-whitelist-ip/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/swiftninjapro-wp-login-whitelist-ip/reviews/)

## Contributors

 *   [ SwiftNinjaPro ](https://profiles.wordpress.org/swiftninjapro/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/swiftninjapro-wp-login-whitelist-ip/)

## Donate

Would you like to support the advancement of this plugin?

 [ Donate to this plugin ](https://buymeacoffee.swiftninjapro.com)