1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Restrict access to certain pages or directories
This guide explains how to block access to certain directories of a Web Hosting for specific visitors/robots/crawlers by filtering and blocking their IP addresses or host names.
.htaccess Rules
Create a .htaccess file at the root of your site and write the rules to block certain IP addresses or bots.
For example, to block only visitors using the beginning of their IP address, you can use the "deny from:
Order Deny,Allow
Deny from 123.456.
Allow from all
This means that all requests from an IP address starting with "123.456." will be denied, while all other requests will be allowed. Blocked users will receive an HTTP 403 Forbidden error message.
Blocking a Specific IP Address
Order Allow,DenyDeny from 123.456.789
Allow from all
This means that only one IP address, 123.456.789, is blocked, and all other IP addresses can access the site.
Blocking Multiple IP Addresses
Order Allow,Deny
Deny from 123.456.789
Deny from 987.654.321
Allow from all
This means that two IP addresses, 123.456.789 and 987.654.321, are blocked, and all other IP addresses can access the site.
Blocking a Bot by its User-Agent
SetEnvIfNoCase User-Agent "BadBot" BadBot
Order Allow,Deny
Deny from env=BadBot
Allow from all
This means that any bot identified with a user-agent "BadBot" will be blocked, and all other users can access the site.
Blocking Access to a Specific Directory
Order Allow,Deny
Deny from all
This means that all access to the "/directory" will be blocked, regardless of the IP address or user-agent.
mod_rewrite Directives
You can also use the mod_rewrite
directive to block certain IP addresses or bots in an .htaccess file.
Here are some examples:
Blocking a Specific IP Address
RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ - [F,L]
This means that only one IP address, 123.456.789, is blocked, and all other IP addresses can access the site.
Blocking Multiple IP Addresses
RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\. [OR]
RewriteCond %{REMOTE_ADDR} ^987\.654\.321\.
RewriteRule ^(.*)$ - [F,L]
This means that two IP addresses, 123.456.789 and 987.654.321, are blocked, and all other IP addresses can access the site.
Blocking a Bot by its User-Agent
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} BadBot [NC]
RewriteRule ^(.*)$ - [F,L]
This means that any bot identified with a user-agent "BadBot" will be blocked, and all other users can access the site. This can be useful to prevent unwanted bots from accessing certain pages or unnecessarily consuming resources.
Blocking and Redirecting Elsewhere
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ http://www.domain.xyz/blocked.html [L,R=301]
This means that all requests from the IP address 123.456.789 will be redirected to the "blocked.html" page on the "www.domain.xyz" site. The last part of the RewriteRule line, [L,R=301], indicates that the redirection is permanent (R=301) and that it is the last rule to be applied (L).
You can add multiple RewriteCond conditions to block different IP addresses and redirect to different pages.
Also, read this guide (click here).