| There are two situations where you might want to | | | | be found by adding /wp-admin at the end of the |
| restrict access to your educational blog to just a few | | | | website address. By locking down the wp-admin folder |
| specific computers. | | | | to a few specific IP addresses, you can greatly limit |
| - First, you might want to restrict the entire blog so it | | | | access to the administration back-end of your class |
| can only be accessed by people using school | | | | blog. |
| computers. | | | | How to lock down your (educational) blog's |
| - Second, you might want to restrict the login pages of | | | | administration / login folder. |
| your blog, so that students can only edit or modify their | | | | If you have a self-hosted WordPress blog, the |
| work using school computers. (This also helps | | | | following trick will prevent students from logging in (or |
| prevents your site from getting hacked by observant | | | | hacking your website) at home. Note: You need to |
| students who have figured out your password.) | | | | have access to the .htaccess file on your website. Our |
| If you are pretty comfortable around computers and | | | | web host provides access to this file, however, |
| run a self-hosted blog (or have access to your | | | | apparently not all web hosts do. |
| website's servers), then you should be able to lock | | | | |
| down your class website to a few locations (IP | | | | 1. Figure out the IP address of the computer that you |
| addresses). | | | | want to use to access your blog. An IP address is |
| Why would you want to prevent your students from | | | | your internet address online. There are various sites |
| logging in at home? | | | | that will tell you your current IP address. |
| I usually don't allow my students to take their English | | | | 2. Use a text editor (i.e. notepad) to create a file |
| work out of the classroom; I'm tired of dealing with lost | | | | named .htaccess and cut and paste the following lines |
| homework. Besides, you can never be sure how much | | | | of code into the file... |
| help a student receives at home. | | | | 3. Replace 123.456.789.123 and 12.345.678 with your |
| Over the years, I've developed a folder system where | | | | real IP address. Hint: If your Internet Service Provider |
| all of our work stays in the folder. It's great. First, | | | | gives you a range of IP addresses (For example |
| students always come prepared to class (because | | | | 123.456.789.000 to 123.456.789.999), just drop the last |
| their notes and drafts never leave the room). | | | | octet number to allow a range. (For example, allow |
| Secondly, the students have a portfolio documenting | | | | from 123.456.789) |
| their learning over time. It's great for metacognition | | | | 4. Upload your .htaccess file to your blog's wp-admin |
| because students can flip back through previous | | | | folder. Now the only people who can access any file in |
| assignments in an attempt to prevent the same | | | | the wp-admin folder must be using a computer with an |
| mistakes from happening again. Finally, I know exactly | | | | IP address on your safe list (white list).Note: If you |
| what a student is capable of because I can see all of | | | | want to use the .htaccess file to limit access to your |
| their prewriting and drafts leading up to the published | | | | entire blog from specific computers, then you'll need to |
| version. | | | | copy and paste the above code into the existing |
| However, a blog potentially ruins this | | | | .htaccess file on your website's public folder (or |
| keep-it-in-the-classroom policy because students can | | | | wherever your WordPress blog files can be found). |
| log in to their user accounts from home. The beauty of | | | | You must add the code into the existing .htaccess file |
| WordPress and other blogging platforms is that it can | | | | instead of overwriting the file because WordPress has |
| you can blog from anywhere in the world. | | | | some important information in there already. |
| Also, some older students might be flexing their | | | | If the .htaccess file is modified correctly, whenever you |
| computer literacy (or vandalism) muscles. The login | | | | try to login to your blog from an unauthorized |
| page for any blog powered by WordPress can usually | | | | computer, you should receive a 403 error. |