內容簡介
這是一個 WordPress 外掛,只允許白名單 IP 或是白名單瀏覽器,才可以存取 wp-login 頁面。
此外掛並不會影響前端的登入外掛。
若 IP 不在白名單中,wp-login 頁面將會被鎖死並顯示信息,告知用戶「你的 IP/瀏覽器未被列入白名單」,你也可以選擇將使用者重新導向至 404 頁面。
透過此外掛,您可以建立一個管理者的 IP 清單,只允許特定 IP 存取 wp-login 頁面。即使有其他使用者登入,建議使用其他更安全的前端登入外掛。
此外掛也可以設定瀏覽器白名單,只允許特定瀏覽器存取 wp-login 頁面,讓使用者無法透過不允許的瀏覽器存取。
再者,此外掛有另一項選項(可能會有誤判),試圖檢查 IP 的來源是否為一個常用的代理伺服器,以減少偽造的情況。
此外掛不會阻擋 wp-admin,因此您登入後仍可進行網站的編輯。
此外掛還提供了一項選項,以將不合法的存取者重新導向至 404 頁面,或者告知使用者其 IP 未被列入白名單,並請他們聯繫管理員以解決問題。
外掛標籤
開發者團隊
② 後台搜尋「WP-Login and WP-Admin Whitelist」→ 直接安裝(推薦)
原文外掛簡介
A Plugin That only allows whitelisted IP’s, or optionally whitelisted browsers, to access wp-login.
This plugin does Not effect front-end login plugins.
If an IP is not whitelisted, the wp-login page will be killed and replaced with a message saying “your IP/Browser is not whitelisted”, or optionally redirect the user to 404 page instead.
A better way to hide wp-login. You can add a list of admin IP’s to this plugin, where you want to allow usage of wp-login.
Even if you have other users that login, its better to use another plugin for a more secure front end login, and this plugin will only allow a specific list of IP’s to access the wp-login page.
You can also (optionally) have this plugin attempt to redirect anyone to 404 page, if they try and access wp-login without the right IP.
You can also choose to disable the 404 redirect, and instead tell users there IP is not whitelisted, and that they should contact the admin if this is in error.
The plugin does Not block wp-admin, so once logged in, you can still edit your site on the go.
The plugin also has an option to whitelist your favorite common browsers to wp-login. This means you can keep users from accessing the wp-login page, simply because there using Internet Explore, and not what you chose to allow.
There is another option (which may return false positives), that attempts to check if the source of an IP is commonly used by a proxy server, and can block proxy IP’s to try and reduce spoofing.
