Dashboard Lock Down

The MainWP Clean and Lock Extension allows you to set 2 different security rules on your MainWP Dashboard site.

You can use one of the two security measures or both at the same time.

Limit Access to certain IP addresses

  1. Login into your MainWP Dashboard
  2. Go to the MainWP > Extensions > Clean and Lock extension page
  3. Locate the Dashboard Lock Down option box
  4. Locate the Allow Login from optionAllow Access From
  5. In the provided text area, enter one or multiple IP addresses (each in new line)
  6. Click the Save Settings button

After setting this security measure, the /wp-login.php page will be restricted to all visitors except the ones with the whitelisted IP address.

Lock the /wp-admin/ pages

  1. Login into your MainWP Dashboard
  2. Go to the MainWP > Extensions > Clean and Lock extension page
  3. Locate the Dashboard Lock Down option box
  4. Locate the WP Admin Lock optionWP Admin Lock
  5. In the provided fields, enter wanted Username and Password
  6. Click the Save Settings button

After enabling the WP Admin lock, before accessing any WP Admin page (../wp-admin/..) HTTP Basic Authentication will be required.

Lock the /wp-login.php page

  1. Login into your MainWP Dashboard
  2. Go to the MainWP > Extensions > Clean and Lock extension page
  3. Locate the Dashboard Lock Down option box
  4. Locate the WP-Login.php Lock optionWP Login Lock
  5. In the provided fields, enter wanted Username and Password
  6. Click the Save Settings button

After enabling the WP Login lock, before accessing any the Login page (../wp-login.php) HTTP Basic Authentication will be required.

Important Notes

If you are having issues with setting WP Admin and WP Login locks, please check this document.

Some hosts don’t allow HTTP basic authentication and this can create an infinite redirection loop. This can make accessing your MainWP Dashboard site hard. In case you experience this issue, please remove WP Admin and WP Login Locks. If this doesn’t help, it is highly recommended to contact your host support.

In case you have lost your HTTP Basic Auth credentials, remove WP Admin and WP Login Locks.

Related documents