Login location, IP blocking


I saw that bots can be blocked using string matching in htaccess or by IP address in htaccess – excellent thanks!

Two more related questions

  • Additionally, are we able to install and use IP blocking plugin like Block Bad Bots (which doesn’t write to htaccess or folders)
  • Finally, can we use a plugin that changes wp-login location (and doesn’t write to htaccess)?

Looking forward to hosting with you…


Thanks for reaching out to us. Yes bots can be blocked by writing into .htaccess file or via robot.txt.

Yes you can install plugin to block the bad bots without writing to htaccess just like “stopbadbots” or the one you suggested.

Yes you can use the plugin to hide your login URL and in wordpress, the admin URL does not change via htacces. The plugin like “wp hide login” will work for you.


Forget blocking. Bots use proxies that change frequently, so today’s ban is next month’s customer as the IP is recycled. Also, it takes server time to check the list before serving a page - therefore pageload speed gets worse. With Google suggesting <2 seconds (for mobile devices - 80% of browsing), you can’t afford to waste the server time. I use Wordfence and set blocking to last 6 weeks.