Blocking access to a site by IP address

Modified on Sat, 11 May 2024 at 09:50 PM

Blocking access by IP address can be an effective way to solve the problem of constant attacks and bots on the site. Let's look at how to block an IP using the .htaccess file and WordPress plugins.

WHY BLOCK IP

  • Blocking IP addresses from which attacks are launched protects the resource from unwanted traffic and reduces the risk of hacking and data theft.

  • Reducing the load on the server by blocking networks from which a large number of requests from bots come.

  • Spam prevention.

But it is worth noting that blocking will not help if attackers constantly change addresses using proxy servers and VPNs.

HOW TO CLOSE ACCESS TO A SITE VIA IP IN A .HTACCESS FILE

FOR SPECIFIC IP ADDRESSES

In the .htaccess file, write a Deny from rule for each IP address:

Deny from 127.0.0.1 Deny from 127.0.0.2

Instead of 127.0.0.1 and 127.0.0.2, enter the IPs to be blocked. If multiple users use an IP address, everyone will be blocked.

BY MASK

Blocking IP addresses by mask allows you to block access to a resource from certain subnets. The subnet mask determines the range of IPs to block.

For example, a site is under attack from IP addresses on a specific subnet. To avoid blocking each IP address manually, you can use a mask to block the entire subnet at once.

That is, if IP addresses are in the range 127.0.0.1 - 127.0.0.254, it is enough to enter the mask 127.0.0.0/24 in .htaccess.

Deny from 127.0.0.0/24

This is useful in cases where attackers use different IP addresses within the same subnet. To determine the subnet mask, you can use the online IP to CIDR converter.

FOR ALL

Access to the site can also be closed for all users; to do this, just add the following rule to the .htaccess file:

Deny from all

ALLOWING ACCESS FROM ONE IP

To allow access from only one network address, write in the .htaccess file:

Order Deny,Allow Deny from all Allow from 127.0.0.1

Where 127.0.0.1 is the allowed IP address.

HOW TO PROHIBIT ACCESS TO A SITE BY IP USING WORDPRESS PLUGINS

Let's look at popular WordPress plugins that allow you to block access to a site via IP:

  • iQ Block Country – provides protection against spam, bots and malicious attacks using IP address information. The plugin itself is free to download, but there is an annual fee for the GeoIP API license key.

  • WP Ban – makes it possible to restrict access to a specific IP address or range of addresses, by host name, by website address, by User Agent. Keeps statistics of attempts to access the site by blocked users.

  • IP Geo Block - in it you can block access from certain countries or regions, add target IP addresses that need to be blocked or allowed.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article