The customer portal my.neoserv.com has been redesigned. If you notice any issues, please let us know.

Cart (0)
  • Your cart is currently empty.
Checkout
  1. Home
  2. Help Center
  3. WordPress Login Country Restriction: How to Remove It

USER INSTRUCTIONS

Search instructions

WordPress Login Country Restriction: How to Remove It

Search results for: ""

At NEOSERV, we put the safety of our service users first. That’s why we have provided effective protection against so-called Brute Force attacks, in which online attackers use automated scripts to log into the WordPress administration system. A successful log-in can lead to serious consequences, such as the installation of a web virus, the deletion of the content of the site, the addition of spam, malicious links and so on.

Since most attacks happen from abroad, we have set up protection for logins from outside Slovenia and surrounding countries. In case you want to access your WordPress administration from another country, there are four ways to override the foreign protection:

  1. Remove protection for all IP addresses and countries
  2. Remove protection for specific countries
  3. Remove protection for a specific IP address
  4. Remove protection for specific countries and IP addresses

1. Removing PROTECTION for all IP addresses and countries

Most attacks occur from China, India, Vietnam, Russia, Turkey, Brazil, the USA and some other countries. To avoid the problems described above, we have limited the WordPress login to Slovenia and the surrounding countries Croatia, Austria, Italy and Hungary. Don’t worry, even if you want to access the administration of your website from any other country, you can do so easily.

In case you want to remove the Foreign Protection for all IP addresses and countries, do the following:

  1. Log in to the cPanel control panel (login instructions).
  2. In the FILES section, look for the File Manager icon and click on it.
  3. Navigate to the folder where your website is located. It is most likely in the public_html folder.
  4. Make sure you have Hidden Files and Folders enabled (instructions).
  5. Right-click on the .htaccess file and select Edit.
  6. In the code editor, add the following entry cleanly at the top:
# BEGIN Allow access to wp-admin for all
<FilesMatch "(wp-login)\.php$">
    Require all granted
</FilesMatch>
# END Allow access to wp-admin for all

7. Save your changes by clicking the Save Changes button in the top right corner.

So, now you can try logging into your WordPress administration again.

2. Removing country-specific protection

To remove foreign country protection for specific countries, add the following code to your .htaccess file:

# BEGIN Allow access to wp-admin for countries
<IfModule mod_maxminddb.c>
    <FilesMatch "(wp-login)\.php$">
        Require all granted
        RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(SI|HR|AT|IT|HU|BR|IN|TH)$
        RewriteRule ^ - [F,L]
    </FilesMatch>
</IfModule>
# END Allow access to wp-admin for countries

In the code example above, in addition to Slovenia and our neighbouring countries, we have added an exception for BR (Brazil), IN (India) and TH (Thailand) to sign in to WordPress. Depending on which country you are currently in, or which country you want to give access to the WordPress administration, edit line 4 of the code shown accordingly. A list of two-letter country codes for the world is available here.

3. DISCONNECTING PROTECTION FOR A SPECIFIC IP ADDRESS

Still can’t log in to the WordPress administration? If you’ve followed the above procedure exactly but still can’t access your WordPress Dashboard, the problem may lie elsewhere. It is possible that you are connected to the internet via an IP address that does not belong to the country you have just given access to log in to WordPress in the IP address database (MaxMind GeoIP2). This problem is very rare.

In this case, you need to add a line of code to your .htaccess file to allow logging in via your IP address. You can find out your current IP address at the following link: http://ip.preveri.si/

Let’s assume that your IP is as follows: 193.31.40.41

In this case, you need to add the following code to your .htaccess file:

# BEGIN Allow access to wp-admin for IPs
<IfModule mod_maxminddb.c>
    <FilesMatch "(wp-login)\.php$">
        Require all denied
        <RequireAll>
            Require ip 193.31.40.41
        </RequireAll>
    </FilesMatch>
</IfModule>
# BEGIN Allow access to wp-admin for IPs

Again, your IP address is probably different from the one we used in the example above. Please adjust the IP address line of the code accordingly. If your ISP has assigned you a dynamic IP that changes over time, you will need to update your .htaccess file regularly.

4. Removing protection for certain countries and IP addresses

Do you want to remove country-specific foreign protection, but also allow access to individual IP addresses? Add the following code to your .htaccess file, adapting the list of country abbreviations and the IP address to your requirements.

# BEGIN Allow access to wp-admin for countries and IPs
<IfModule mod_maxminddb.c>
    <FilesMatch "(wp-login)\.php$">
        Require all granted
        RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(SI|HR|AT|IT|HU)$
        RewriteCond %{REMOTE_ADDR} !(193.31.40.41)
        RewriteRule ^ - [F,L]
    </FilesMatch>
</IfModule>
# END Allow access to wp-admin for countries and IPs

Any of the four .htaccess declarations written above can be entered directly in the .htaccess file of the Root Directory of your hosting package. This way, the rule will apply to all websites hosted on your package.

For further assistance, please call us on 059 335 000 or email us at info@neoserv.si.

RELATED POSTS

COMMENTS

COMMENT THE POST

(mandatory)
(mandatory, email address will be hidden)
(optional)
Security question that confirms you are a real person.