I have a website with a loose security admin area. Instead of fixing the many security holes that /admin page has, I kinda kept the hackers away by using htaccess:
deny from all
It didn't allow anyone to access /admin area. But I had to remove this condition any time I wanted to access the page. So, I used htaccess white list of IP's. Now it looks like this:
<Limit GET POST>
order deny,allow
deny from all
allow from 1xx.2xx.xxx.xxx
allow from 1xx.2xx.xxx.xxx
</Limit>
So, this way, my home and office IP's are whitelisted and other people (incl. hackers) will get a 403 error accessing /admin. But now, I wonder if they can hack my computer and use my IP to access this forbidden page. Do you think hacker have this ability, or is my website totally safe now?
or is my website totally safe now
No, not a single website is totally safe, hackers are always one step in front of the defenders.
But it's a good start making it harder for the hackers to break into your site