Feb
7
2010

How to Ban an IP Address With .htaccess

By Gabriel Harper Posted in

Once in a while you might run into a suspicious IP address accessing your website. Maybe it’s doing something funny like probing for vulnerabilities, or just spamming the heck out of your server. Being a responsible webmaster, you decide to ban the IP address from your server completely – but how? Using Apache Web server it’s easy to ban a single IP address, ban multiple IP addresses or ban an entire IP range using the .htaccess file.

There might already be a file named .htaccess in your site’s base folder. If not, create a new file called .htaccess (including the period). Modify the rules below to suit your needs and add the code to your .htaccess file. Replace 1.2.3.4, 2.3.4.5… with the actual IP addresses to block.

Ban a Single IP Address:

1
2
3
order allow,deny
deny from 1.2.3.4
allow from all

This will block just a single IP address from accessing your website, but allow all other visitors.

Ban Multiple IP Addresses:

1
2
3
4
order allow,deny
deny from 1.2.3.4
deny from 2.3.4.5
allow from all

This will block multiple IP addresses from your site, still allowing all other visitors. This is the same as blocking a single IP address, we just add each additional IP we want to ban to the list.

Ban a Range of IP Addresses:

1
2
3
order allow,deny
deny from 1.2.3.
allow from all

This will block all IP addresses beginning with 1.2.3. – useful if you are dealing with a lot of different IP addresses on the same range.

And that’s it! Make sure to save your changes, and it’s also a good idea to test your site in a browser in case you made a typo. If you get a big error you’ll know something is up!

About The Author

Gabriel Harper

Gabe is the owner and founder of Intavant, and contributes to Intavant Blog regularly with his expertise in design, development & business.

Did you find this article helpful? Please subscribe!