I have restricted access to my wp-login.php and have allowed to only one IP and it worked fine till I moved my site to SSL. Now if i try accessing wp-login.php from a different IP without https, its showing the forbidden. But if i try https:// www . mysite . com / wp-login.php then i am able to get the login page.
I’m not able to identify here whats the issue. Any help ?
Here is my htaccess part
<files wp-login.php>
order allow,deny
deny from all
allow from xxx.xxx.xxx.xxx
</files>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
One more info, the site was originally created without SSL, and then later moved to SSL.
