Denying IP Addresses with .htaccess
To deny specific IP addresses access to your website using the .htaccess file, you can follow these steps:
-
Access Your .htaccess File:
- Log in to your cPanel account.
- Navigate to File Manager.
- Locate and open the
public_htmldirectory (or the directory where your WordPress installation is). - Find the
.htaccessfile. If it’s hidden, ensure you enable Show Hidden Files (dotfiles) in the settings.
-
Edit Your .htaccess File:
- Right-click on the
.htaccessfile and select Edit. - If prompted, confirm to edit the file.
- Right-click on the
-
Add Deny Rules:
- At the top or bottom of the
.htaccessfile, add the following lines to deny specific IP addresses:
plaintextCopy code# Deny access to specific IP addresses Order Deny,Allow Deny from 123.456.789.000 Deny from 111.222.333.444Replace
123.456.789.000and111.222.333.444with the actual IP addresses you want to block. - At the top or bottom of the
-
Save Changes:
- Click Save Changes to apply your modifications.
Example
Here’s how the relevant section of your .htaccess file might look:
plaintext
Copy code
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
# Deny access to specific IP addresses
Order Deny,Allow
Deny from 123.456.789.000
Deny from 111.222.333.444
Notes
- You can deny multiple IP addresses by adding more
Deny fromlines. - If you want to allow all other IP addresses while denying certain ones, ensure the
Order Deny,Allowline is included. - To deny a range of IP addresses, you can use wildcards. For example,
Deny from 123.456.789will block all IPs starting with123.456.789.
Conclusion
Using .htaccess to deny IP addresses is a straightforward way to enhance your website's security. If you encounter any issues, double-check the syntax and ensure your .htaccess file is correctly formatted.
