Plugin Author
AITpro
(@aitpro)
If you are the only person that logs into your site then you can allow access to login to your site using your IP address range. Protecting wp-login.php protects your wp-admin directory. ie in order to get to wp-admin you have to authenticate first.
http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/
Right now I have my sites set so only my ip can access the login page. I did try an access on a test site from a proxy using the site name/login/ and it got a 403 so this may be a moot question. But when I tried all of the 1st three methods from my browser, they all brought up the login page. Which is why I started this thread as there is no specific protection from those url calls. (Probably came up because the transfer from the original call to the login page carried my ip address so it came up in my browser.
If this is not true, open up the thread again.
Plugin Author
AITpro
(@aitpro)
Probably came up because the transfer from the original call to the login page carried my ip address so it came up in my browser.
Yes. You are correct. Since your Public ISP IP address is whitelisted you will be able to view your Login page. When testing with a Proxy that has a different Public IP address you should see a 403 Forbidden error, which you saw so that means that everything is setup correctly.
