Paulund

Blacklist IP Addresses With htaccess

Here is a good snippet to add to your htaccess file to completely block spammers from your site. If you have a Wordpress site you could get a lot of spam comments, it can take up a lot of time of your day to go through and delete these spam comments. There are a few plugins you can use to delete these spam comments for you or you can use htaccess to block the spammers from even getting to your site. On the Wordpress comment page it will record the IP Address, if you know this user is a spammer you can copy the IP Address into your htaccess to block them from ever coming back. Copy and paste the following and replace with the IP address you want to the deny from xxx.xxx.xxx.x.


<Limit GET POST PUT>
order allow, deny
allow from all
deny from 123.123.123.1
deny from 555.555.555.5
deny from 000.000.000.0
</Limit>

If you want to disable access to a certain file using htaccess use the following snippet to block access to the login page.


<files wp-login.php>
order deny,allow
deny from all
</files>

This functionality is really useful when you are developing a new site and want to place this on a live server but don't want it to be accessible to the outside world. Using this code you can block anyone from seeing your site unless they have a certain IP address. Therefore you can open the site to your designers, testers, your wireless network, HTML validators etc to test your site throughout before it gets opened up to the public.


<Limit GET POST PUT>
     Order Deny,Allow
     Deny from all
     
     # Designer IP
     Allow from 111.222.333
          
     # Tester IP
     Allow from 777.888.999
     Allow from 123.456.789
     Allow from 456.789.123
     Allow from 789.123.456
     
     # Wireless
     Allow from 000.111.222
     
     # W3C CSS & HTML validators
     Allow from 654.789.321
</Limit>