How to block users from accessing your site based on their IP address
Blocking users by IP address is pretty simple with .htaccess.
So here it is the example:
Order allow, deny
Deny from 192.168.0.10
Deny from 212.155.
Deny from 1.2.3.4 5.6.7.8 127.0.0.1
Allow from all
Let’s take a look at the code line by line:
The first line “Order allow, deny” tells the web server the “Order” in which the Allow and Deny directive will be evaluated. It simply says: Give access to all hosts that are not present in the Deny from list and are present in the Allow from list. With allow, deny order Allow list is looked up first and then the web server checks the deny from list. So as we have allow from all – all access is allowed. Then the allowed access is filtered based on the Deny lists. With allow,deny access is disabled by default.
If we change the order to “deny, allow” then all access is enabled by default and only users in the deny lists are blocked. However as the deny is being processed first allow directives will override any maching settings set in deny directives.
The default Apache order is deny,allow. So you can skip the first line in your .htaccess file if you do not need to change the order in which the Deny and Allow rules are being evaluated by the web server.
So to keep the .htaccess simple you can just use:
Deny from 192.168.0.10
Deny from 212.155.
Basically you can use such rules in your .htaccess file to block a particular user, or a network from accessing your site.
You can put several IP address in a Deny or Allow rule. For example:
Deny from 1.2.3.4 5.6.7.9
The IP addresses must be separated by a space or tab.
You can put entire networks as
Deny from 212.155.
This will block all users which IP addresses start with 212.155
Or to block all access to your site:
Deny from all
And then add another line to enable access only for yourself:
Allow from 1.2.3.4
Where “1.2.3.4” should be replaced with your computer IP address.
- How to block users from accessing your site based on their IP address
- How to prevent or allow directory listing?
- How to change the error documents – 404 Page Not Found, etc
- Using .htaccess for password protecting your folders
- Using .htaccess to block referrer spam
- Disable Hot-Linking of images and other files
- Redirect URLs using .htaccess
- Introduction to mod_rewrite and some basic examples
- Force SSL/https using .htaccess and mod_rewrite
- 301 Permanent redirects for parked domain names
- Enable CGI, SSI with .htaccess
- How to add Mime-Types using .htaccess
- Change default directory page
- Block Bad robots, spiders, crawlers and harvesters
- Make PHP to work in your HTML files with .htacess
- Change PHP variables using .htaccess
- HTTP Authentication with PHP running as CGI/SuExec
- Force www vs non-www to avoid duplicate content on Google
- Duplicate content fix index.html vs / (slash only)
Comments 23 >>
.htaccess
with a dot (.) at the begining
how many .htaccess files can I have in one folder?.
I already have one working for reading PHP script on html pages.
Thanks for your time
Regards
Lodovikus sintus
However, you can add as many statements in it as you wish.
If you already have a statement that makes HTML pages to work as PHP, then just add new lines for the other options that you need.
For .htaccess, type ".htaccess"
Remember to select 'All Files' from the 'Save as type' drop-down.
user conncted to my pc ip and my presnal
file use so u pls help me i block other ip
Deny from example.com
where you can replace the example.com
The problem is that if you block a group of IP addresses trying to stop one person from accessing your site (as in a malicious poster), you may start blocking those you don't want to block. What's more, IP addresses are often recycled, so you might end up blocking someone unintentionally.
I would like to display a page to those banned IP's explaining them WHY their IP is banned.
Is that possible? How?
Thanks for your valuable help.
I dont know to access .htaccess page
MY SITE
How can you block certain IP Addresses from accessing your site?
All you have to do is to add the file into the root of each directory that you have a website posted to. Each folder can have a unique .htaccess file.
To block a certain IP address from accessing your site, create or modify a .htaccess file for your site.
In the file include the following (this is from the example listed above on this page with a bit of explanation):
Order allow, deny
Deny from 192.168.0.10 (this being a sample IP address, replace with the specific address you want to block - you can add as many of these deny statements as you need)
Allow from all
i get error 500. i cant go to my own site i deleted htaccess file too.wat do i do?
I have a situation in our network, where I want to give access to a particular internet site to some of the pcs(around 20).We are using a firewall where there is no web filter facility.Can anyone give some idea ?How can I block all site and give access to only one particular site to those pcs?
Thanks
Munir
| Previous: Duplicate content fix index.html vs / (slash only) | Next: How to prevent or allow directory listing? |

order deny,allow
deny from xxx.xxx.xxx.xx
allow from all
I opened "notepad" and typed those lines above and saved it as .htaccess. The computer maded it a .txt file. I added it to my web page, uploaded it to my FTP then renamed it by taking out the .txt extension, which the other website said to do. Still no effect. What do I need to do here? I appreciate your help.