Hello Ed,
I have always used the default configuration, but I do see that a lot of people are protecting the wp-admin directory by adding a .htaccess file to it with the following contents:
Quote:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Access Control"
AuthType Basic
order deny,allow
deny from all
# whitelist home IP address
allow from 12.23.34.45
# whitelist work IP address
allow from 11.22.33.44
allow from 11.22.32.44
# IP while in Florida; remove when back from fishing
allow from 98.87.76.65
|
This will prevent access to wp-admin folder from all IP addresses except those mentioned above.
Not that you have mentioned this, I must go out and do this on my blogs - My luck, if I don't do it now, I'll wish I had
BTW - After 5 posts, you can put your site's url in your signature. You'll find that valuable
Best regards,
Jim.