How to Block IP Address in WordPress

Posted by & filed under Web Servers, WordPress.

Block IP address

Do you want to keep your WordPress website safe? The security of your website is of utmost importance for you. There are several ways to keep your website safe, the best so far is by blocking IP addresses which can cause Denial of service attacks or Brute force attacks. You can prevent hacking assaults on your website and even block spam comments. In this article, we have demonstrated how you can block IP WordPress addresses.

Before moving onto the blocking, you must know when you can block IP addresses. Let’s have a look at the reasons why you need to block IP WordPress addresses.

When to Block IP Address

If you want to get rid of the Distributed Denial of Service (DDOS) attacks, unwanted guests, hacking assaults, Brute force attempts on your login page and spam comments, the best solution is blocking IP addresses. When you cannot reach the page, it might be because your website is under a DDOS attack and your server is overloaded with requests from a few IP address. Other attacks might include getting spam comments or getting spam emails. For keeping your website protected, you need to block IP these addresses.

How to Find the IP Address You want to Block

The first thing you have to do when blocking an IP address is to find the IP address that you need to block. The hackers are very smart, they use different IP serves to launch an assault on your website. In order to stop them from harming your site, you must know the IP address.

Find IP from WordPress Admin

If you are getting the spam comments, you can see the IP address from the comments section (as seen above). All the comments mention the IP address that was used to post the comments.

To block these IPs you can go the WordPress admin Dashboard, then click on settings. Open discussion and click on comment blacklist. Enter the list of IPs you wish to blacklist here. This will block IP WordPress in the comments.

Block IP address

Find IP from Server Access Logs

Block IP Address

Furthermore, every provider of web hosting service makes access logs. This is to have a record of all the IP addresses that have access to your WordPress website. You can login to the server via SSH or even through cPanel of the hosting service and find the Access Logs. Here you can see the archived logs of each request to the site along with a timestamp and IP from which the request came from.

In case your WordPress website is under a DDOS assault, you can track the IP address depending on the server logs. The server logs have a list of all the IP addresses that have access to your site. These logs will have a list of legit users and Google bots as well.

Are you wondering how will you know the IP address is legit or not? You can find the suspicious IP addresses by checking the files they tried to access and do a background check. Also if you see the same IP accessing the site a number of times within a small fraction of time, then it is a high possibility that there is an attack in place from that IP

However, when you are blocking the IP address, you must be very careful. This is because you don’t want to block legitimate users. It is recommended to use a Limit Login Attempts plugin on your website. These plugins are free and you can have a restriction on the attempts made to log in.

Blocking IP Addresses Using a Plugin

When it comes to the security of your website, you cannot compromise it. The blocking of IP addresses manually is time-consuming and it is not possible as you won’t have the time every day. Every day there are hundreds of attempts, so you have to be on alert all the time. This is why you need to have a plugin IP address blocker. It will save you from all the hassles and unnecessary work. Stopping an attack is a challenging task because the hackers use proxy serves with various IP addresses. They try to get access to your site by hitting it with numerous usernames and passwords.

You can install any one of the various WordPress Security plugins available. It will help you prevent unwanted bots from accessing your website. As a result, you can decreases the load on the server because these bots will not use your bandwidth and server resources.

Steps to Use Plugin

The plugins are very easy to install, you can follow these simple steps to install the plugin.

  • First, you have to install the plugin from the repository of WordPress.
  • You have to activate the plugin.
  • The plugin will be listed in the Settings among other options.
  • Once you have activated it, you can find options for blocking the IP addresses, user agents, and many other things.

Using cPAnel to Block IP Addresses

Another great way to block IP WordPress addresses is by using cPanel. This is an easy method that will help you keep your website safe from hackers and DDOS assaults. It will ban the users to from visiting your site. All you have to do is follow these steps.

Step 1

The first step is to log into the cPanel of the WordPress.

Step 2

You must go to the Settings section and open the ‘IP Blocker’.

Step 3

In the IP Address Deny Manager tool, you can add the addresses you wish to ban. Once, you have mentioned the IP addresses, you can click add.

Blocking Through .htaccess

You can even block the IP addresses manually by using .htaccess. All you need is an access to the file system and you can ban any IP address without any difficulty. You have to open the .htaccess and write the following lines at the start.

order allow, deny

deny from 96.42.14.13

allow from all

After this, you have to save the file. This will prevent the users from this IP address to have access to your website as long as it remains intact.

Therefore, in few simple ways, you can block IP WordPress addresses. It is very easy to protect your website from hackers, malicious viruses and DDOS attacks. You can choose the method that suits your preferences and requirements.

Leave a Reply