How to whitelist an IP when blocking a wp-login.php?


I read an article and there had been said that this:

(http.request.uri.path contains "/wp-login.php")

is going to help me with the multiple requests I face up everyday from all over the world.
I want to secure my wp-login.php file and add such things, my only concern is the following.
I have a few people which work with me and they log in everyday, so I have two options:
Option one > to whitelist their IP’s so that then can log in and post articles, this one would be a bit difficult, because most of the IP’s are dynamic so I will have to change that rule pretty often.
Option two > to whitelist my whole country, which would be better for me, because I live in a small country and I also have a second protection with .htpassword.

So my main question is how can I whitelist my whole country if possible, if not, how can I whitelist a few IP’s while making the blocking rule for people not accessing my wp-login.php file ?
Should I go to “Security > WAF > Tools” and Whitelist my whole country or I should make some exception when making it from here:

(http.request.uri.path contains "/wp-login.php")

Thank you

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.