How to block users from accessing your website based on their IP address


Blocking users by IP address is pretty simple with .htaccess.

here is the example:

Order allow, deny
Deny from 192.168.0.10
Deny from 212.155.
Deny from 1.2.3.4  5.6.7.8 127.0.0.1
Allow from all

Let’s take a look at the code line by line:

The first line “Order allow, deny” tells the web server the “Order” in which Allow and Deny directive will be evaluated. It simply says: Give access to all hosts that are not present in the Deny from list and are present in the Allow from list. With allow, deny order Allow list is looked up first and then the web server checks deny from list.

 So as we have allow from all – all access is allowed. Then the allowed access is filtered based on the Deny lists. With allow,deny access is disabled by default.

 If we change the order to “deny, allow” then all access is enabled by default and only users in the deny lists are blocked. However as the deny is being processed first allow directives will override any maching settings set in deny directives.

The default Apache order is deny,allow. So you can skip the first line in your .htaccess file if you do not need to change the order in which the Deny and Allow rules are being evaluated by the web server.

So to keep the .htaccess simple you can just use:
Deny from 192.168.0.10
Deny from 212.155.

Basically you can use such rules in your .htaccess file to block a particular user, or a network from accessing your site.

 You can put several IP address in a Deny or Allow rule. For example:

 Deny from 1.2.3.4   5.6.7.9

The IP addresses must be separated by a space or tab.
You can put entire networks as
Deny from 212.155.

This will block all users which IP addresses start with 212.155
Or to block all access to your site:
Deny from all

And then add another line to enable access only for yourself:
Allow from 1.2.3.4

Where “1.2.3.4” should be replaced with your computer IP address.

About Alex Hunt

Hi All I am Manish Kumar Jha aka Alex Hunt. I am currently working in VMware Software India Pvt Ltd as Operations System Engineer (vCloud Air Operations). I have around 5 Years of IT experience and have exposure on VMware vSphere, vCloud Director, RHEL and modern data center technologies like Cisco UCS and Cisco Nexus 1000v and NSX. If you find any post informational to you please press like and share it across social media and leave your comments if you want to discuss further on any post. Disclaimer: All the information on this website is published in good faith and for general information purpose only. I don’t make any warranties about the completeness, reliability and accuracy of this information. Any action you take upon the information you find on this blog is strictly at your own risk. The Views and opinions published on this blog are my own and not the opinions of my employer or any of the vendors of the product discussed.
This entry was posted in Apache. Bookmark the permalink.

One Response to How to block users from accessing your website based on their IP address

  1. navdeep says:

    thanx

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s