Blocking users by IP address using .htaccess

Should you find that a few unruly visitors are causing you problems by posting unwanted messages via guestbooks, forums and/or contact forms it is possible to ban or block specific IP addresses from accessing any content on your site using .htaccess directives.

To implement such a ban add the following to the .htaccess file in your public_html directory replacing the example IP addresses with the actual IP(s) you wish to block (you can add as many IP addresses as is necessary, just add separate "deny from" lines for each):

order deny,allow
deny from 123.45.67.89
deny from 98.76.543.21

Another possible method would be to redirect by IP rather than block, instead of resulting in an access denied/forbidden message the following added to an .htaccess file in your root public_html folder would result in users from that IP address being redirected to the URL you specify:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123.45.67.8
RewriteCond %{HTTP_HOST} !^$
RewriteRule /*
http://www.goaway.com/ [R,L]

You can use either an actual existing domain (goaway.com, getlost.com) or you can use a "dead" URL. Note that redirecting to a non-existant site will result in the visitor getting a "The page cannot be displayed" message with the original URL in their address bar as if your site was offline. In a situation in which you don't want them to go away mad (you just want them to go away) that might be the best option.

Things to Note

Keep in mind that none of these options are perfect. First of all, if the misbehaving visitor is a subscriber to one of the many ISPs which use DHCP to dynamically assign IP addresses then there's no way that you can block them (at least not without blocking all users of that ISP), and even if the user commonly uses a static IP which can be blocked if they are determined to get to your site, they can by using any one of a number of proxy server sites or "anonymizer" programs.

As a general rule it's best to only take such actions as a last resort if/when all attempts at diplomacy and discussion fail...folks who are inclined to cause trouble to begin with are likely to take any attempt to ban them as a challenge and a less than effective attempt to ban someone may only serve to escalate the confrontation. As circumventing an IP ban isn't all that difficult you have to expect that the user(s) you block WILL be back, and with a bigger axe to grind than before.

Also be aware that as far as banning users from forums, most of the popular forum scripts such as phpBB et al will include an option to block users by IP address within the administrator's control panel so if the problem is limited to forum posting you can try that for starters.

Was this answer helpful?

 Print this Article

Also Read

Introduction to .htaccess

What is .htaccess? The Apache Web server utilizes a per-directory access and configuration...

How do I re-direct non-https traffic to the https version of the website?

To re-direct a single site from http:// to https:// or https://www you would add the following...

How to create a user-friendly URL using .htaccess?

If your website is using a long URL like example.com/files/folder/sitemap.html, you can change it...

Setting a default index page using .htaccess

By default our servers will look for (in order) a file by the name of index.html, index.cgi,...

Redirection using .htaccess

Most websites are constantly changing "works in progress" and as one updates, rearranges and...