There are several reasons you might want to block an IP address from accessing your website. It could be to thwart an attack or to block bots from scraping or indexing your site. Maybe you have a persistently annoying visitor or a comment spammer. Whatever the reason, it’s possible to deny access to your site based on IP addresses.
You could block IP addresses by creating or editing a .htaccess file directly, but there is an easier way. You can use the cPanel IP Blocker. The IP Blocker does the .htaccess file editing for you through a simple, easy to use interface.
We’ll take you through the process step by step, but first, how do you know which IPs to block?
How to Find the Offending IPs
You can find IP addresses in the raw logs for your site. The logs contain the IP addresses and timestamps of each page or document request made to your site. So if you know the general time of the visit, you should be able to find the IP address.
How to Block IPs in cPanel
To open cPanel, Log into GreenGeeks and click the “cPanel” button in the “Quick Server Login” section.
In cPanel, scroll down to the “Security” section and click the “IP Blocker” link or icon.
The IP blocking form is pretty simple, just add the IP to the “IP Address or Domain” field and click the “Add” button.
When the IP is blocked, you’ll see a success message.
Now, if you scroll to the bottom of the IP Blocker page, you’ll see a list of blocked IPs.
You can click the “Delete” link or icon to remove a block.
As you can see, you can also block a domain name, though using an IP address is usually more precise and effective. You can also enter a partial IP address or an IP address range.
However, we recommend only blocking single, complete IP addresses. Blocking a range of IPs potentially prevents large numbers of visitors from accessing your site.
Note that the IP Blocker accepts IPv4 (192.168.0.1) and IPv6 (2001:0db8:0a0b:12f0:0000:0000:0000:0001) addresses, though your logs are more likely to contain IPv4 IPs.
A Potential Side-Effect of Blocking IP Addresses
Blocking access to your site by IP is a useful tool, but it’s also a broad and non-specific way to prevent access. Meaning when you block an IP address or range of IPs, you block everyone using those IPs, not just the malicious or destructive visitors.
In the case of blocking bots, that’s not usually a problem. They typically run on their own IPs. But when you are blocking an individual, that person likely shares an IP address with hundreds, if not thousands, of other users.
Don’t Just Block-and-Forget
One thing to keep in mind is your website’s .htaccess file is loaded every time a page or document is requested. A .htaccess file with a large number of entries can potentially slow down your site’s page loads.
IP blocking isn’t the only thing that .htaccess does. It’s also responsible for redirecting URLs, forcing incoming traffic to use HTTPS, password protection of directories, locating custom error pages, and other fundamental website configuration. So it’s easy to accumulate a lot of entries in a .htaccess file.
You may want to keep your IP blocking to a minimum, or at least review IP blocks from time to time to remove any unnecessary blocks. It’s not usually necessary to block an IP address permanently. Most bots and spammers will remove your site from their target list after a certain number of failures.
If you have any questions about IP blocking or any other aspect of your GreenGeeks account, don’t hesitate to contact a member of our Support Staff.