How to block IPs from accessing your website

Sometimes you might need to prevent access to the website or whole hosting account for specific visitors, for instance, when you are developing a website or in case of DDoS attacks.

Below you can find guidelines on setting up an automatic IP block, a manual IP block and a block from a specific country:

Automatic IP block

Manual IP block



For an automatic IP block, cPanel provides a special IP Blocker tool.

NOTE 1: IP Deny Manager is available for all shared hosting plans starting from the Professional/Stellar Plus one. So if you have a Value/Stellar plan with us, you should set denying rules in the .htaccess file manually.

NOTE 2: Sometimes, it is easier to block all and allow access for certain IPs. Such rules are to be manually configured in the .htaccess file, as IP Deny Manager provides the possibility only to block IPs.

NOTE 3: IP Deny Manager blocks access to all hosted domains and services under your account.


To block an IP automatically, follow the steps below:

1. Log in to your cPanel and navigate to Security section > IP Blocker menu.




2. Enter the IP address that should be blocked into IP Address or Domain field and click on Add button. It will be added to the list of blocked IPs.
You can always unblock the IP by clicking Delete next to the IP address in question.









Below you can find several examples for manual blocking configuration.

These lines need to be added to the .htaccess file under all existing rules

  • block users with the X.X.X.X IP address, allow access to everybody else:

   <RequireAll>
          Require all granted
          Require not ip X.X.X.X
         </RequireAll>


  • block all visitors except for the specific admin IP for example, or yourself

   <RequireAll>
           Require all denied
           Require ip X.X.X.X
           Require ip Y.Y.Y.Y
        </RequireAll>


  • redirect visitors from X.X.X.X IP address to another URL

RewriteCond %{REMOTE_HOST} ^X\.X\.X\.X$
      RewriteRule .* http://example.com [L,R=301]


  • redirect all requests, except for the ones coming from X.X.X.X IP address to another URL

RewriteEngine On
      RewriteBase /
      RewriteCond %{REMOTE_HOST} !^X.X.X.X
      RewriteRule .* http://example.com [R=302,L]



Do not forget to replace X.X.X.X with the IP address you would like to allow or block.


To block/allow access from a specific country, you need to list all IP subnetworks that belong to this country.
This can be quite challenging for manual configuration, so it is recommended to use special online tools that have access to such country-specific IP databases.

Example of such an online resource is here.
You will need to choose the country and then copy the generated code to your .htaccess file.

The code will look like as follows:

  • block access from a specific country

<RequireAll>
         Require all granted
        Require not ip 81.52.168.0/23
         ...
        Require not ip 188.138.10.163/32
       Require not ip 188.138.78.129/32
     </RequireAll>


  • allow access from one specific country

<RequireAll>
        Require all denied
        Require ip 81.52.168.0/23 ... 188.138.10.163/32 188.138.78.129/32
      </RequireAll>




That's it!


            Need any help? Contact our Helpdesk
 

Updated
Viewed
44829 times

Need help? We're always here for you.

notmyip