Problem:
You are working with a Wordpress or Joomla CMS and you need to protect your back-office login to avoid massive attacks or hacking, but you are not sure to use a plugin to do that, you are looking to know what are the page in the corresponding CMS to edit to add your own script.
Solution:
It's quite easy to protect your CMS back office, it depend of the CMS that you are working on, you can do this using a little script to avoid any access to the login screen.
The script is something like this one:
<?php
$vip = $_SERVER['REMOTE_ADDR'];
if ( ($vip!='92.239.116.139') ) {
echo "<div id='errmessage'>Forbbiden to:".$vip."</div>";
}
?>
Now, you only need to add this lines of code to the following files, it depend of the site and/or page that you would like to protect.
With this script, only connections to your site from the choose IP will be able to access to your site, if your IP is not static, you will need to update this script or maybe use another one that use other check rather than the remote ip connected to the site.
Joomla:
- Frontoffice:
/httpdocs/templates/<yourtemplate>/index.php - BackOffice:
/httpdocs/administrator/templates/<yourtemplate>/index.php
Wordpress:
- Login: /httpdocs/wp-login.php
