Security Module

IP Whitelist/Blacklist

IP Whitelist/Blacklist controls site access based on visitor IP addresses. Create whitelist rules to only allow access from specific IPs, or blacklist rules to block known bad actors. This is useful for restricting admin access to office IPs, blocking persistent attackers, or creating private sites only accessible from certain networks. The module handles IP matching including CIDR ranges for network blocks.

ip whitelist blacklist security access-control

IP Whitelist/Blacklist Part of 165+ modules $349 $249

Get Lifetime Access

Key Features

IP whitelist for admin access
IP blacklist to block attackers
CIDR range support

Why Use This Module?

  • Restrict access to specific IPs
  • Block malicious IP addresses
  • Protect admin from unauthorized networks
  • Support for IP ranges via CIDR
  • Essential for private or internal sites

Real-World Use Cases

Block Malicious IPs

Blacklist specific IP addresses or CIDR ranges (e.g., 192.168.1.0/24) that are attacking your login page or sending spam.

Office-Only Access

Whitelist your company's static IP addresses to restrict admin access only from office network for maximum security.

Geographic Blocking

Block entire IP ranges from countries where you don't do business to reduce spam and automated attack traffic.

How to Use

Add IP addresses to whitelist (allowed) or blacklist (blocked) in module settings. Use CIDR notation for IP ranges.

Benefits & Impact

Time Savings

Automates manual tasks and streamlines your workflow

Performance Boost

Enhances site security and protection

Better UX

Provides a better user experience

Easy Maintenance

Simple setup with minimal ongoing maintenance

Frequently Asked Questions

Can I block my own IP?

Be careful when blacklisting. If you block yourself, you need server access to undo it.

Does this work with proxies?

The module checks standard IP headers. Users behind certain proxies or VPNs may show different IPs.

Can I whitelist dynamic IPs?

Dynamic IPs change, making whitelisting unreliable. Consider VPN with static IP for consistent access.

What Users Are Saying

"Only office IPs can access admin. Whitelist made it simple."

— Internal App

"Blocked the entire IP range the attacker was using. Stopped them cold."

— After Attack

"Staging only accessible from our IPs. Clients cannot accidentally find it."

— Development Site

Related Modules

SECURITY

Activity Log

Track and log user activities including logins, logouts, post modifications, plugin activations, theme changes, and settings updates for security auditing

activity log audit +2
Learn More →
SECURITY

Disable All Updates

Disable automatic WordPress, plugin, and theme updates completely for production sites where manual update control is required for stability

updates disable maintenance +2
Learn More →
SECURITY

Disable Application Passwords

Disable WordPress application passwords feature to prevent REST API authentication and improve security by removing this authentication method

passwords security disable +2
Learn More →
WPSwitchboard

165+ Modules.
One Plugin. Done.

Security, admin tools, performance, SEO, and more. All in one place.

Get Lifetime Access - $349 $249
Core Modules
165+
Admin Tools, Security, Optimization, and more
Enhance your WordPress admin experience
Admin Tools
Dashboard Enhancements
Customize admin interface
Security & Performance
Optimization Modules
Secure & optimize your site