By default only IP addresses from Australia and New Zealand are allowed to access the login page for WordPress backend/admin console (‘wp-login.php’).
This in order to prevent attacks on your website and the server.

For this reason if you try to login to the backend when you are travelling you will most likely receive “Access Denied” or similar error messages.

You can open up access by adding the IP address you need to access WordPress from. This is done on your .htaccess file in the root of your web server (public_html).
This is how to do it:

  • If you don’t know your IP address you can access this free service to know the address:
  • Using your preferred FTP client (alternatively log in to your cPanel and use the ‘File Manager’ in cPanel) – open the file .htaccess in the folder public_html.
  • In this file you need to add:
    # Allow access for specific IP when travelling (allow from xx.xx.xx.xx) after deny from all 
    order deny,allow
    deny from all
    allow from 123.456.789.101
    allow from 123.456.789.102
  • Save the file and you should now be able to log in to your website
  • If you are still unable, temporarily disable Security plugins (like iThemes Security) that might be installed on your installation of WordPress.
    This can also be done through your FTP or the File Manager:

    • Choose your WP content folder (‘content’ or ‘wp-content’)
    • ‘plugins’
    • ‘better-wp-security’ and rename this folder to for example ‘1better-wp-security’ as this will disable the plugin.
      IMPORTANT: remember to reactivate the plugin by changing the name back once you have finshied your updates otherwise you will leave the website in a vulnerable state.