How To Secure Magento 2.X Admin Login From Unauthorised Access By Unknown IP With The Help Of Htaccess File.

In this article, We discussed about how to secure/protect our magento 2.X admin login from unauthorised access by unknown IP’s with the help of htaccess file.

Follow the below steps to secure your magento 2 admin login page from unwanted and unauthorised access.

Let’s Get Started!

Step 1: Go to your magento 2.X root directory.

Example Path: {Your_Magento_Root}/
In My Case, My root folder name is “Magento2”

Step 2: Open .htaccess File

Step 3: Add below code in your .htaccess file.

After below line code:
RewriteCond %{REQUEST_URI} !^/dev/

// Add Below Code

RewriteCond %{REQUEST_URI} ^/(index.php/)?admin_2qtdls(.*) [NC]
RewriteCond %{REMOTE_ADDR} !^111\.93\.41\.194
RewriteRule .* - [F,L]

Meaning and changes of above code line according to your store is below:

// Changes Be Like (Just For Understanding)

RewriteCond %{REQUEST_URI} ^/(index.php/)?admin_url_key(.*) [NC]
RewriteCond %{REMOTE_ADDR} {!^allow\.public\.ip\.address}
RewriteRule .* - [F,L]

Step 4: After changes, save the .htaccess file in magento 2.X root directory.

Step 5: Now, Whatever you write the public ip address is only allow to make Changes or login in magento 2 admin dashboard.

URL For File Reference: Click Here
OR
https://drive.google.com/file/d/1ZIVfCOrv2xtCC3cNjli3o9q12M5YWYEz/view?usp=share_link

Conclusion:

This help us to protect from unauthorised access in magento 2 admin login.

Thanks For Reading :)