Oktoberfest Sale: Use code Savemore50 for 50% off all hosting plans!
Client Area
View Categories

How to Block an IP Address Using the .htaccess File on OzSpeed

4 min read

Blocking specific IP addresses using the .htaccess file is an effective way to prevent unwanted visitors, secure your website from malicious traffic, and restrict access to sensitive areas. This method is straightforward and can be done directly from your OzSpeed hPanel. Here’s a step-by-step guide on how to block IP addresses using the .htaccess file.

Step 1: Access the .htaccess File #

  1. Log in to your hPanel Dashboard at ozspeed.com.au.
  2. Go to Files > File Manager.
  3. Navigate to the public_html directory or the specific folder where you want to apply the IP block.
  4. Open the .htaccess file for editing. If it doesn’t exist, you can create a new .htaccess file:
    • Click “New File”, name it .htaccess, and click Create.

Tip: #

  • Make sure the .htaccess file is set to be viewable in your File Manager settings (hidden files option).

Step 2: Block a Specific IP Address #

To block a single IP address, add the following lines to your .htaccess file:

apacheCopy code# Block a specific IP address
<Limit GET POST>
    Deny from 192.168.1.1
</Limit>

Explanation: #

  • <Limit GET POST>: Specifies that the rule applies to GET and POST requests (most common types of HTTP requests).
  • Deny from 192.168.1.1: Blocks access from the specified IP address.

Tip: #

  • Add a comment (# Block a specific IP address) to remind you of the rule’s purpose.

Step 3: Block Multiple IP Addresses #

If you want to block multiple IP addresses, you can list them one after another:

apacheCopy code# Block multiple IP addresses
<Limit GET POST>
    Deny from 203.0.113.5
    Deny from 198.51.100.10
    Deny from 192.168.1.1
</Limit>

Explanation: #

  • Each Deny from line blocks an additional IP address.

Step 4: Block an IP Range #

To block an entire range of IP addresses, use a wildcard or CIDR notation:

Example 1: Using Wildcards:

apacheCopy code# Block an IP range using a wildcard
<Limit GET POST>
    Deny from 192.168.1.*
</Limit>
  • This blocks all IP addresses from 192.168.1.0 to 192.168.1.255.

Example 2: Using CIDR Notation:

apacheCopy code# Block an IP range using CIDR notation
<Limit GET POST>
    Deny from 203.0.113.0/24
</Limit>
  • This blocks a range of 256 IP addresses (e.g., 203.0.113.0 to 203.0.113.255).

Tip: #

  • Use a CIDR notation calculator if you’re not sure how to specify the range.

Step 5: Block IP Addresses Based on User Agent #

You can also block IP addresses that use specific user agents (e.g., bots or scrapers):

apacheCopy code# Block specific user agents
SetEnvIfNoCase User-Agent "BadBot" bad_bot
Deny from env=bad_bot

Explanation: #

  • SetEnvIfNoCase User-Agent: Matches a user agent string (e.g., “BadBot”).
  • Deny from env=bad_bot: Blocks any request that matches the specified user agent.

Tip: #

  • This method is useful for blocking unwanted bots or scrapers.

Step 6: Save and Test Your Changes #

  1. Click Save to apply the changes to your .htaccess file.
  2. Clear your browser cache or use Incognito mode to test the IP block.
  3. Try accessing the website from the blocked IP address (or use a VPN/proxy to simulate it). You should see a 403 Forbidden error.

How to Verify the Block: #

  • Check the Access Logs in hPanel’s Logs section to see if requests from the blocked IP are being denied.

Step 7: Unblock an IP Address (If Needed) #

If you want to remove the block for an IP address, simply delete the corresponding Deny from line in your .htaccess file and save the changes.

apacheCopy code# Remove this line to unblock the IP address
# Deny from 192.168.1.1

Troubleshooting Tips #

  1. 403 Forbidden Error for All Users:
    • Ensure you haven’t accidentally added Deny from all without specifying exceptions. This would block access for everyone.
  2. IP Address Not Blocked:
    • Double-check the IP address format and ensure there are no typos.
    • Verify the IP address using an IP lookup tool, as users may be accessing your site via a proxy or VPN.
  3. Slow Website After Adding IP Blocks:
    • If you have a long list of blocked IP addresses, it can slow down your site. Consider using a firewall service like Cloudflare for better performance.
  4. Testing the IP Block:
    • Use a VPN or proxy service to test the IP block from a different location.
    • Review the Access Logs to confirm that requests from the blocked IP are being denied.

Additional Tips: #

  • Rotate IP Block List Regularly: Update your blocked IP list based on recent suspicious activity.
  • Use a Security Plugin for WordPress: If you’re using WordPress, consider using a security plugin like Wordfence to manage IP blocking more easily.
  • Enable HTTPS: Make sure your website uses HTTPS to encrypt the connection and prevent attackers from bypassing IP blocks.
Updated on November 11, 2024

What are your Feelings

  • Happy
  • Normal
  • Sad

Leave a Reply

Your email address will not be published. Required fields are marked *