This guide explains how to block access to certain directories of a Web Hosting for certain visitors / robots / crawlers by filtering and blocking their IP addresses or hostnames.

Setting up .htaccess rules

Create a .htaccess document at the root of your site and enter the rules intended to block certain IP addresses or bots.

To block visitors based for example on the beginning of their IP address, use the directive "deny from":

Order Deny,Allow
Deny from 123.456.
Allow from all

This means that all requests from an IP address starting with "123.456." will be denied, while all other requests will be allowed. Blocked users will receive an HTTP 403 Forbidden error message.

Block a specific IP address

Order Allow,Deny
Deny from 123.456.789
Allow from all

This means that a single IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Block multiple IP addresses

Order Allow,Deny
Deny from 123.456.789
Deny from 987.654.321
Allow from all

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

SetEnvIfNoCase User-Agent "BadBot" BadBot
Order Allow,Deny
Deny from env=BadBot
Allow from all

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site.

Block access to a specific folder

Order Allow,Deny
Deny from all

This means that all accesses to the folder "/folder" will be blocked, regardless of the IP address or user-agent. An assistant for a similar feature is available in your Infomaniak Manager.

mod_rewrite directives

You can also use the mod_rewrite directive to block certain IP addresses or bots in a .htaccess file.

Here are a few examples:

Block a specific IP address

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ - [F,L]

This means that a single IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Block multiple IP addresses

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\. [OR]
RewriteCond %{REMOTE_ADDR} ^987\.654\.321\.
RewriteRule ^(.*)$ - [F,L]

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} BadBot [NC]
RewriteRule ^(.*)$ - [F,L]

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site. This can be useful to prevent unwanted robots from accessing certain pages or from consuming resources unnecessarily.

Block access to a specific folder

RewriteEngine on
RewriteRule ^dossier/secret - [F,L]

This means that all accesses to the folder "/folder/secret" will be blocked, regardless of the IP address or user-agent.

Block and redirect elsewhere

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ http://www.domain.xyz/blocked.html [L,R=301]

This means that all requests from the IP address 123.456.789 will be redirected to the page "blocked.html" on the site "www.domain.xyz". The last part of the line RewriteRule, [L,R=301] indicates that the redirection is permanent (R=301) and that this is the last rule to be applied (L).

You can add multiple conditions RewriteCond to block different IP addresses and redirect to different pages.

Also refer to this other guide.