I really like the ability to IP restrict the WebAdmin console at the server level. Can this also be done for the wordpress login and wp-admin of specific virtual hosts above the .htaccess level?
For WordPress admin, normally the site owner controls it. hence he/she can deny allow ips in /wp-admin/.htaccess , .htaccess should be sufficient/convenient for shared hosting user. I don't see any need above .htaccess.
