WordPress website security is the top main factor for every user. You have been always looking for the ways to get rid of malicious users and bots, which will target your website with some spam or steal your website critical information. So this always requires you learn about how to block IP address in your WordPress website.
Best possible solution is to block the specific IP address from accessing your website or some specific feature by adding them in the Blacklist. For example you need to block a spam comments, you simply need to put that IP in blacklist that will create a red flag for that IP address and bans them from comments section.
In this article, we are going to show you how to block IP address by using blacklisting technique and benefits of using them. We will also discuss about different ways to block IP using plugins. Let’s get started.
Blacklisting Brief Introduction
Every visitor on your website has its IP address associated with them which specifies the particular internet connection and remains same for that specific user. By this way you have a close eye on every user by IP address and noticed for any suspicious activity.
Below we are going to highlight the examples of red flags that indicates the user from specific IP address is Potentially harmful:
1. Multiple repeated login attempts on your website indicates that someone is trying to hack your website.
2. Posting of spam comments from same user/specific IP address.
3. Accessing unauthorized information by unknown or role based user.
If you are facing any of these activities on your website, you can simply put them in blacklist to avoid doing any further this type of suspicious activity from that specific IP address. By doing this, it will totally block them or blocks the specific access on your website.
The alternate way to avoid this type of activity is whitelisting which is totally in contrast to blacklisting. In whitelisting, only specific IP addresses are allowed to access your website, rest all of them are blocked.
Methods for Blocking IP address
One of the method for doing this will be target based and block them from specific area on website while the other one block’s them from your entire website. Let’s have a look into these methods:
1. Block Specific IP Address Using Comments Section
The common cause for using blacklisting technique is to avoid spammers or bots posting unwanted or suspicious messages in comments section of your website.
Each comment posted on your website has its specific IP address which is shown in comments section under each username.
If you notice multiple or spam comments from same IP address either they are posted by different username. You will be able to simply block that specific address using comments black list feature in WordPress. To do this, navigate to Settings > Discussion and scroll down to Comment Blacklist section.
Here you can simply paste that specific address that you want to block and click save changes. This will block all the users from mentioned IP’s and they unable to comment on your website.
2. Completely Ban IP Address From Your Website
By doing this way, the blocked IP address will no longer be able to access your website.
To do that, simply login to your website via FTP or CPanel to edit .htaccess file for some changes.
Note: Please make sure to create a backup before proceeding as a safe side to prevent any loss on your website.
Here are going to show you using CPanel login.
First login to your website CPanel and navigate to File Manager under Files section.
Now open File Manager and look for .htaccess file in the root directory of your website. In order to view the .htaccess file, you have to enable show hidden files for settings section.
After navigating the .htaccess file right click and select edit to make changes. This will open the file in your default text editor.
Now, add the following lines at the bottom of file.
Allow from all
Deny from 000.111.000.111
Make sure to enter the IP that you want to block in last line. Here you can add multiple IP with same line as last one. Save the file, now users from list of IP addresses will be unable to access your website.