Block Spam IPs

TL;DR

This guide shows you how to block specific IP addresses from accessing your websites using either your website’s control panel (like cPanel) or by editing your server’s configuration file (.htaccess). Blocking unwanted IPs helps protect against spam, brute-force attacks and malicious activity.

Blocking Spam IPs

1. Identify the IP Address: First, you need to know the IP address you want to block. This is usually found in your website’s access logs or from security monitoring tools.
2. Choose a Method: You can block IPs using:
   • Your Website Control Panel (e.g., cPanel, Plesk) – Easier for beginners.
   • The .htaccess file – More flexible but requires server access and caution.

Method 1: Blocking IPs via Your Website Control Panel (cPanel Example)

These instructions are generally similar across most control panels, but the exact wording might vary.

1. Log in to cPanel: Access your cPanel account using the login details provided by your hosting provider.
2. Find Security Section: Look for a section named “Security”, “IP Blocker” or similar.
3. Add IP Address: Enter the IP address you want to block in the designated field. Some control panels allow you to add multiple IPs at once, separated by commas.
4. Block: Click the “Block” or “Add” button to block the IP address. The change should take effect immediately.

   Note: cPanel often provides a list of blocked IPs for easy management.

Method 2: Blocking IPs via .htaccess File

Warning: Incorrectly editing your .htaccess file can cause your website to become inaccessible. Always back up the file before making changes!

1. Access Your Server Files: Use an FTP client (like FileZilla) or your hosting provider’s file manager to access your server files.
2. Locate .htaccess File: Find the .htaccess file in your website’s root directory (usually public_html). If you can’t find it, make sure hidden files are visible in your FTP client settings.
3. Edit .htaccess File: Open the .htaccess file with a text editor.

   Add the following lines to block an IP address:

   <Limit GET POST PUT>
   Order Allow,Deny
   Deny from [IP Address]
   Allow from all
   </Limit>

   Replace [IP Address] with the actual IP address you want to block. Add multiple blocks for different IPs.

   For example, to block both 192.0.2.1 and 10.0.0.5:

   <Limit GET POST PUT>
   Order Allow,Deny
   Deny from 192.0.2.1
   Deny from 10.0.0.5
   Allow from all
   </Limit>

4. Save and Upload: Save the changes to the .htaccess file and upload it back to your server, overwriting the existing file.
5. Test: Try accessing your website from the blocked IP address to confirm that it is blocked.

Important Considerations

• Dynamic IPs: Blocking dynamic IPs (IP addresses that change frequently) may not be effective long-term.
• Shared Hosting: Be cautious when blocking IPs on shared hosting, as you might accidentally block legitimate users.
• cyber security Tools: Consider using a cyber security plugin or service for more advanced protection against spam and malicious activity. These tools often include features like IP address blocking, firewall protection, and malware scanning.
• Regularly Review Logs: Regularly check your website’s access logs to identify and block new spam IPs.