d3ft.com

Ever had somebody (or, more likely, something) constantly hitting your website and wasting your precious internet resources? Then you have some options with Apache and .htaccess. This little tutorial will show you how to block an IP address.

Note: this will stop access to your site, not keep a site from finding your IP.

First, get a website. Got that? Good.

Now, make sure you have some sort of Apache server. If you’re not sure you have one, the rest of this won’t make much sense. If that’s the case, just go back and let your kid read the rest of this.

For those of you still with me, you’ll need to upload a file to your server called an .htacccess file. It’s simply an extension that tells the server what to do with all your files (Here’s some info from Apache). This is where the magic happens.

Inside that .htaccess file, you set up some variables to create certain events. If you use WordPress like I do, there is one uploaded when you install it. It’s in the top-level directory, just sitting there. Other content management systems use an .htaccess file as well, like Textpattern, Expression Engine, and Dupral.

If you open the file, you’ll see there’s some WordPress (or them other things’) specific code. Don’t fiddle with that. Just leave it be, because the part that the blogging software uses doesn’t really have much effect on what you are going to do.

I found this at JavaScript Kit, and it’s a wonderful way to keep the spammers, scammers, and scrapers off your site. Inside your .htaccess file, put this:

order allow,deny
deny from 123.45.6.7
deny from 012.34.5.
allow from all

This is how you deny by IP address. Find the offending IP address you want to stop, put it there, and that singular address will never be able to get to your site.