Security Controls
Tools in the VIP Dashboard and functions provided by VIP MU Plugins offer ways to harden site security and limit site access to specific individuals, IP addresses, and more.
Note
When increasing the security of a site or environment by applying settings that restrict access, ensure that access for VIP Support users is not blocked.
-
Basic Authentication
Basic Authentication restricts site access to a limited set of users that have valid Basic Authentication login credentials
-
IP Restrictions
The IP Restrictions panel in the VIP Dashboard allows IP addresses to be added to an “IP Allow List” or an “IP Deny List” for an application’s environment.
-
User Agent Restrictions
Custom rules can be added to the VIP Dashboard’s User Agent Restrictions panel to block requests made by specific User Agents to an environment.
-
WordPress Security Controls
WordPress Security Controls provides an additional layer of security, configurable options, and security recommendations in the VIP Dashboard.
-
Block unwanted origin requests with PHP
The VIP_Request_Block utility class provides a programmatic way to block unwanted requests at the application level based on IP addresses, user agent strings, and other parameters using PHP. If an incoming request is blocked by VIP_Request_Block, VIP’s CDN will return a 403 Forbidden error response for that request. Considerations Logs for blocked requests Requests that are blocked […]
-
Access-Controlled Files
The Access-Controlled Files feature restricts access to files and media uploaded to the WordPress Media Library of a site.
-
Partial restriction of site access
Partial restriction of site access can be achieved at the application level for incoming requests that reach the origin server.
-
robots.txt
The output of robots.txt can be modified with WordPress actions and filters.
Last updated: August 20, 2025