Title: lock down
Last modified: August 22, 2016

---

# lock down

 *  Resolved [mrppp](https://wordpress.org/support/users/mrppp/)
 * (@mrppp)
 * [11 years, 6 months ago](https://wordpress.org/support/topic/lock-down/)
 * Hi not sure how it is done but i have seen in another plugin the ability to lock
   down the wp-admin and only have it available at set times. Is this achieved through
   htaccess or do they achieve this in another way (Itheme security)
 * [https://wordpress.org/plugins/bulletproof-security/](https://wordpress.org/plugins/bulletproof-security/)

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 6 months ago](https://wordpress.org/support/topic/lock-down/#post-5474134)
 * You can use htaccess code conditions to do things based on time.
 *     ```
       RewriteCond %{TIME_HOUR}
       ```
   
 * [http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond](http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond)
 * I am currently looking at how much value something like that idea actually has.
   ie if something is already protected 24*7*365 then the question is does adding
   an additional time condition add any more value/benefit. I think it might be 
   worth adding to BPS, but I would need to run it through scenarios and testing
   to see if it is worth adding or not.
 * Hypothetical usage example:
    Let’s say you do not want to allow any logins on
   your website between the hours of X and Y.
 *     ```
       # EXPERIMENTAL: BRUTE FORCE LOGIN PAGE PROTECTION WITH TIME CONDITION
       # Protects the Login page from SpamBots, HackerBots & Proxies
       # that use Server Protocol HTTP/1.0 or a blank User Agent
       # Experimental: Time Condition denies logins between the hours of 11PM and 8AM
       RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
       RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
       RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
       RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$ [OR]
       # 23 time format = 2300 hours/11PM server time
       RewriteCond %{TIME_HOUR} >23 [OR]
       # 08 time format = 0800 hours/8AM server time
       RewriteCond %{TIME_HOUR} <08
       RewriteRule ^(.*)$ - [F]
       ```
   
 *  Thread Starter [mrppp](https://wordpress.org/support/users/mrppp/)
 * (@mrppp)
 * [11 years, 6 months ago](https://wordpress.org/support/topic/lock-down/#post-5474142)
 * OK, maybe best to wait, if you think it is worth having i,m sure you will include
   at a later date.
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 6 months ago](https://wordpress.org/support/topic/lock-down/#post-5474152)
 * I believe it is going to fall into the “novelty/gimmick” category, but maybe 
   I just have not thought of a practical usage yet. Would have to fiddle around
   with scenarios.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘lock down’ is closed to new replies.

 * ![](https://ps.w.org/bulletproof-security/assets/icon-128x128.png?rev=1731938)
 * [BulletProof Security](https://wordpress.org/plugins/bulletproof-security/)
 * [Support Threads](https://wordpress.org/support/plugin/bulletproof-security/)
 * [Active Topics](https://wordpress.org/support/plugin/bulletproof-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/bulletproof-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/bulletproof-security/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [AITpro](https://wordpress.org/support/users/aitpro/)
 * Last activity: [11 years, 6 months ago](https://wordpress.org/support/topic/lock-down/#post-5474152)
 * Status: resolved