Knowledgebase

How to block users from accessing your site based on their IP address  Print this Article

Blocking users by IP address is pretty simple with .htaccess.
So here it is the example:
Order allow, deny
Deny from 192.168.0.10
Deny from 212.155.
Deny from 1.2.3.4  5.6.7.8 127.0.0.1
Allow from all

Let's take a look at the code line by line:
The first line "Order allow, deny" tells the web server the "Order"  in which the Allow and
Deny directive will be evaluated. It simply says: Give access to all hosts that are not
present in the Deny from list and are present in the Allow from list.  With allow, deny
order Allow list is looked up first and then the web server checks the deny from list. So
as we have allow from all - all access is allowed. Then the allowed access is filtered
based on the Deny lists. With allow,deny access is disabled by default.

If we change the order to "deny, allow" then all access is enabled by default and only
users in the deny lists are blocked. However as the deny is being processed first allow
directives will override any maching settings set in deny directives.

The default Apache order is deny, allow. So you can skip the first line in your .htaccess
file if you do not need to change the order in which the Deny and Allow rules are being
evaluated by the web server.

So to simplify the .htaccess, you can just use:
Deny from 192.168.0.10
Deny from 212.155.

Basically you can use such rules in your .htaccess file to block a particular user, or a

network from accessing your site.
You can put several IP address in a Deny or Allow rule. For example:
Deny from 1.2.3.4   5.6.7.9
The IP addresses must be separated by a space or tab.
You can put entire networks as
Deny from 212.155.
This will block all users which IP addresses start with 212.155
Or to block all access to your site:
Deny from all
And then add another line to enable access only for yourself:
Allow from 1.2.3.4
Where "1.2.3.4" should be replaced with your computer IP address.

Was this answer helpful?

Also Read

Can you provide a custom package for me?
Yes, most definitely. Simply open up a helpdesk ticket in the Sales department or contact us...
Redirect URLs using .htaccess
Sometimes you need to redirect some URL and/or page on your site to another one.The feature is...
Force SSL/https using .htaccess and mod_rewrite
Sometimes you may need to make sure that the user is browsing your site over a secure...
Change PHP variables using .htaccess
If you need to change the way your PHP is working you can do that using .htaccess.Please, note...
Block Bad robots, spiders, crawlers and harvesters
There are lots of examples across the internet that use ModRewrite. We will provide such an...