Search for answers or browse our knowledge base.
How to configure WordPress login page geo-blocking with Melapress Login Security
Melapress Login Security enables you to harden your WordPress Login page by hiding your login URL and restricting access based on geographical location.
When limiting access based on geographical location, the plugin uses the user’s IP to determine their location. It will then apply the rules you set in the policy to either grant or deny access to the page.
First, you need to get an IPLocate API key. If you have previously set up an IPLocate account to use with CAPTCHA 4WP, you can use the same API key.
Step 1: Configure IPLocate API Key
IPLocate offers a free plan that includes up to 1,000 verifications per day. You can set up your account by visiting IPLocate.io and registering for a new account.
Follow the instructions provided by IPLocate to get your key. Once done, log in to your WordPress dashboard, navigate to Login Security > Settings, and then click on the Integrations tab.
Enter your API Key in the textbox and click on Save Changes.
Step 2: Configure login page geo-blocking
With the API key in pace, we can now go ahead and configure geo-blocking for the WordPress login page.
First, navigate to Login Security > Login page hardening.
Scroll down until you see the Block or allow access to the login page by countries section and configure the below fields:
- Country Codes: Enter the ISO country codes of the locations that you would like to block or allow
- Action: Choose whether you want to:
- Do nothing: Turns off the feature
- Allow access from the above countries only: Limits login page access to users with an IP from the country or countries configured in ‘Country Codes’ and blocks everyone else.
- Block access from the above countries: Blocks login page access to users with an IP from the country or countries configured in ‘Country Codes’ and allows everyone else.
- Login Blocked Redirect URL: Choose which page you want to redirect blocked users to.
Once ready, click on Save Changes to apply the new settings.
More login page hardening with Melapress Login Security
Now that you’re geo-blocking access to the login page, why not hide the WordPress login page for increased security?