Restricting access by IP address is a service we offer as part of our suite of security services. Clients on our Standard support package and above are entitled to this as part of their retainer services, but any of our clients can request the increased security measures.
What is restricting access by IP address?
We can restrict access to your WordPress dashboard based on the IP address used by the person trying to access it. This can significantly reduce the chance of unauthorised entry, even by someone who obtains or guesses a password.
What is an IP address?
You may or may not want to know (please feel free to skip to the next section), but for completeness, IP stands for Internet Protocol. The address bit is a unique series of numbers in the following format: xxx.xxx.xxx.xxx. This address is what enables you to connect to the internet and engage in online activity.
An IP address is given to you by the network you use to get online. At home, this might be directly from your internet service provider; in the office, you may have a company network; and in a train station or coffee shop, you maybe use a wireless network.
What is my IP address?
Just Google for “whats my ip” and you’ll get the answer, or visit WhatIsMyIP.com. If you use an office network, check with your network administrator, as there may be a range of addresses involved.
Different types of IP restriction
There are a variety of different types of IP restriction, some of which may be more suitable than others, depending you and your organisation’s requirements.
1. Whitelisting IPs
The strongest method is to exclude any IP address apart from those on a specified list given to our hosting partners. These IPs can include your office network and any additional VPNs you use, plus one we use for accessing restricted client sites.
A potential issue for out-of-office workers
If you’re connecting via your office network, you will likely use the same IP address or range of addresses every time, and so they can be easily whitelisted. But if any of your website editors work from home (occasionally or regularly), you may well be using a consumer ISP like BT or Virgin, and a “dynamic IP” which changes regularly – it may change daily or every time you reboot your router. We would then have to ask the hosts to add the new IP to the whitelist every time it changed, before you can access the site again.
Solution: setting up a single dedicated IP address
If you’re unable to connect via your office network when working from home, you may like to set up a VPN which can give you a single dedicated IP address, shared between colleagues. We use GoodAccess for this.
2. Blacklisting IPs
A less extreme measure is to block (or blacklist) certain suspicious IP addresses, for example those used to repeatedly attempt entry using incorrect logins. This can be done manually in the hosting control panel, or automatically if you use software like iThemes Security Pro.
3. Restricting IPs by country
Another option is to block IP addresses from certain countries from accessing WordPress or even visiting your site at all, if you decide you will never be targeting customers or readers in certain parts of the world that may represent more of a threat. However this is a less effective measure for many reasons; top of the list is the fact that it’s so easy to use a VPN to mask the country you’re dialing in from.
Next steps
If you would like us to set up IP restriction on your website, send an email to [email protected] to get the ball rolling.