Tuesday, February 21, 2012

Using the .htaccess File to Block IP Access

Posted by Arun Sawant at 10:29 PM
Using a .htaccess file will grant you greater control over your website, such as safe guarding it from hacking attempts or even keeping out spammers who may frequent your website. A great feature of using a .htaccess file is the ability to populate it with single IP addresses or entire IP ranges, effectively blocking those IP's from being able to access your server. This article will explain how to implement this via the .htaccess file.

You will need to log into your Linux server directly using SSH. If you are not familiar on how to do this, we have articles on how to implement this on both Windows and Mac.

To create the .htaccess file, you need to create a text file with any Linux editor. The file must be called .htaccess and it must exist in the root directory of the website you want to deny access to.

In the file, there is a specify format you must adhere to. To block both single IP's and IP ranges, you must include the following;

order allow,deny - The rule set
deny from 192.168.1 - IP you want to block
deny from 24.0.0.0/23 - IP Range you want to block

Please note to block an IP Range, you must know the subnet.

You can also specify a deny all and allow rule set as well;

order deny,allow - The rule set
deny from all - Deny access from all IP's.
Allow from 192.12.4.1 - IP you want to allow.

An example of a file blocking IP address 1.2.3.4 and a subnet 2.0.x.x is below:


order allow,deny
allow from all
deny from 1.2.3.4
deny from 2.0.

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)