This guide explains how to block access to certain directories of a Web Hosting for certain visitors / robots / crawlers by filtering and blocking their IP addresses or hostnames.

Implement .htaccess rules

Create a document .htaccess at the root of your site and enter the rules intended to block certain IP addresses or bots.

To block visitors based on, for example, the beginning of their IP address, use the directive "deny from":

Order Deny,Allow
Deny from 123.456.
Allow from all

This means that all requests from an IP address starting with "123.456." will be denied, while all other requests will be allowed. Blocked users will receive an HTTP 403 Forbidden error message.

Block a specific IP address

Order Allow,Deny
Deny from 123.456.789
Allow from all

This means that only one IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Blocking multiple IP addresses

Order Allow,Deny
Deny from 123.456.789
Deny from 987.654.321
Allow from all

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

SetEnvIfNoCase User-Agent "BadBot" BadBot
Order Allow,Deny
Deny from env=BadBot
Allow from all

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site.

Block access to a specific folder

Order Allow,Deny
Deny from all

This means that all access to the folder "/folder" will be blocked, regardless of the IP address or user-agent. A similar assistant is available on your Infomaniak Manager.

mod_rewrite directives

You can also use the mod_rewrite directive to block certain IP addresses or bots in a .htaccess file.

Here are some examples:

Block a specific IP address

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ - [F,L]

This means that only one IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Block several IP addresses

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\. [OR]
RewriteCond %{REMOTE_ADDR} ^987\.654\.321\.
RewriteRule ^(.*)$ - [F,L]

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} BadBot [NC]
RewriteRule ^(.*)$ - [F,L]

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site. This can be useful to prevent unwanted robots from accessing certain pages or consuming resources unnecessarily.

Block access to a specific folder

RewriteEngine on
RewriteRule ^dossier/secret - [F,L]

This means that all access to the folder "/dossier/secret" will be blocked, regardless of the IP address or user-agent.

Block and redirect elsewhere

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ http://www.domain.xyz/blocked.html [L,R=301]

This means that all requests from the IP address 123.456.789 will be redirected to the page "blocked.html" on the site "www.domain.xyz". The last part of the line RewriteRule, [L,R=301] indicates that the redirection is permanent (R=301) and that this is the last rule to be applied (L).

You can add multiple conditions RewriteCond to block different IP addresses and redirect to different pages.

Also, refer to this other guide.