Kinsta’s Managed WordPress Hosting customers can now restrict access to their websites via SFTP/SSH and to their phpMyAdmin database dashboards to clients connecting only from allowed IP addresses.

This security enhancement is in addition to other recent updates to SFTP/SSH configuration within the MyKinsta dashboard that help guard access to your websites. The earlier enhancements added support for:

  • Disabling SFTP/SSH access.
  • Disabling passwords as an authentication method.
  • Auto-expiration of passwords.
  • Downloading access configurations for use in third-party applications.

With the addition of IP allowlists for SFTP/SSH and phpMyAdmin, you can eliminate connection attempts from unknown IP addresses.

How to configure IP allowlists in MyKinsta

IP allowlists are managed on the Site Information page in MyKinsta, found under WordPress Sites > sitename > Info.

On the SFTP/SSH panel, you’ll find an edit icon to the right of the IP allowlist label. Click that icon to begin adding or deleting IP addresses that are permitted to connect for shell or SFTP access:

Screenshot showing the SFTP/SSH panel in MyKinsta and the edit icon for an IP allowlist.
Clicking the edit icon to manage an SFTP/SSH IP allowlist.

Similarly, you can specify IPs permitted to access the phpMyAdmin tool by clicking the edit icon beside the IP allowlist label in the Database access panel:

Screenshot showing the database access panel in MyKinsta and the edit icon for an IP allowlist.
Clicking the edit icon to manage a phpMyAdmin IP allowlist.

Clicking the allowlist edit icon on either panel will launch an Update IP allowlist dialog like the one below:

Screenshot showing the dialog or editing IP allowlists in MyKinsta.
Adding an IP address to an allowlist in MyKinsta.

Build an allowlist by entering valid addresses in the Add IP addresses field and clicking the Add button.

Some tips:

  • You can add multiple IP addresses at once by separating them with commas.
  • You can specify an IP address block using the usual syntax. Example: 35.238.77.1/32.

When an allowlist is active for SFTP/SSH or phpMyAdmin, the number of IPs allowed will be shown on the service’s panel on the Site Information page:

Screenshot showing a database access panel in MyKinsta a report of two addresses in an IP allowlist.
This Database access panel indicates the phpMyAdmin allowlist contains two IPs.

Removing addresses from the IP allowlist

There are two ways to remove entries within the Update IP allowlist dialog:

  1. Click the trashcan icon beside individual entries.
  2. Use the checkboxes to select entries in the list and then click the red Remove IP address(es) button.
Screenshot showing an address highlighted in an IP allowlist and the button used to delete it.
Removing the selected IP address from an allowlist.

We take security seriously at Kinsta

Kinsta leverages the Google Cloud and Cloudflare to provide additional protection for customer websites, including firewalling, DDoS protection, and free wildcard SSL.

Independent auditors have also confirmed our compliance with System and Organization Controls (SOC) security standards. To learn more, read Kinsta’s SOC 2 Type II report. (You can Request it through our Trust report page.)

Get started with our secure environment by finding the best web hosting plan for you.