How to Block IP Address in WordPress? Best Solutions [2023]

Do you want to keep your WordPress website safe? The security of your website is of utmost importance to you. There are several ways to keep your website safe, the best so far is by blocking IP addresses which can cause Denial of service attacks or Brute force attacks. You can prevent hacking assaults on your website and even block spam comments. In this article, we have demonstrated how you can block IP WordPress addresses.

Before moving on to the blocking, you must know when you can block IP address. Let’s have a look at the reasons why you need to block IP WordPress addresses.

Blocking IP Addresses Using a Plugin

When it comes to the security of your website, you cannot compromise it. The blocking of IP addresses manually is time-consuming and it is not possible as you won’t have the time every day. Every day there are hundreds of attempts, so you have to be on alert all the time. This is why you need to have a plugin IP address blocker. It will save you from all the hassles and unnecessary work. Stopping an attack is a challenging task because the hackers use proxy servers with various IP addresses. They try to get access to your site by hitting it with numerous usernames and passwords.

You can install any one of the various WordPress Security plugins available. It will help you prevent unwanted bots from accessing your website. As a result, you can decrease the load on the server because these bots will not use your bandwidth and server resources.

Steps to Use Plugin

The plugins are very easy to install, you can follow these simple steps to install the plugin.

  • First, you have to install the plugin from the repository of WordPress.
  • You have to activate the plugin.
  • The plugin will be listed in the Settings among other options.
  • Once you have activated it, you can find options for blocking the IP addresses, user agents, and many other things.

Using cPAnel to Block IP Addresses

Another great way to block IP WordPress addresses is by using cPanel. This is an easy method that will help you keep your website safe from hackers and DDOS assaults. It will ban the users from visiting your site. All you have to do is follow these steps.

Step 1

The first step is to log into the cPanel of the WordPress.

log into the cPanel
log into the cPanel

Step 2

You must go to the Settings section and open the ‘IP Blocker’.

IP Blocker
IP Blocker

Step 3

In the IP Address Deny Manager tool, you can add the addresses you wish to ban. Once, you have mentioned the IP addresses, you can click add.

 IP Address Deny Manager tool
Add an IP or Range

Blocking IP Addresses Through .htaccess

You can even block the IP addresses manually by using .htaccess. All you need is access to the file system and you can ban any IP address without any difficulty. You have to open the .htaccess and write the following lines at the start.

order allow, deny

deny from

allow from all

After this, you have to save the file. This will prevent the users from this IP address from having access to your website as long as it remains intact.

Therefore, in a few simple ways, you can block IP WordPress addresses. It is very easy to protect your website from hackers, malicious viruses, and DDOS attacks. You can choose the method that suits your preferences and requirements.

When to Block IP Address

If you want to get rid of Distributed Denial of Service (DDOS) attacks, unwanted guests, hacking assaults, Brute force attempts on your login page, and spam comments, the best solution is blocking IP addresses. When you cannot reach the page, it might be because your website is under a DDOS attack and your server is overloaded with requests from a few IP addresses. Other attacks might include getting spam comments or getting spam emails. To keep your website protected, you need to block IP addresses.

How to Find the IP Address You Want to Block

The first thing you have to do when blocking an IP address is to find the IP address that you need to block. The hackers are very smart, they use different IP serves to launch an assault on your website. In order to stop them from harming your site, you must know the IP address.

Find IP from WordPress Admin

Find IP from WordPress Admin
Find IP from WordPress Admin

If you are getting spam comments, you can see the IP address from the comments section (as seen above). All the comments mention the IP address that was used to post the comments.

To block these IPs you can go to the WordPress admin Dashboard, then click on settings. Open the discussion and click on the comment blacklist. Enter the list of IPs you wish to blacklist here. This will block IP WordPress in the comments.

Block IP address
Block IP address

Find IP from Server Access Logs

Block IP Address
Block IP Address

Furthermore, every provider of web hosting services makes access logs. This is to have a record of all the IP addresses that have access to your WordPress website. You can log in to the server via SSH or even through the cPanel of the hosting service and find the Access Logs. Here you can see the archived logs of each request to the site along with a timestamp and IP from which the request came from.

In case your WordPress website is under a DDOS assault, you can track the IP address depending on the server logs. The server logs have a list of all the IP addresses that have access to your site. These logs will have a list of legit users and Google bots as well.

Are you wondering how will you know if the IP address is legit or not? You can find the suspicious IP addresses by checking the files they tried to access and doing a background check. Also if you see the same IP accessing the site a number of times within a small fraction of time, then it is a high possibility that there is an attack in place from that IP

However, when you are blocking the IP address, you must be very careful. This is because you don’t want to block legitimate users. It is recommended to use a Limit Login Attempts plugin on your website. These plugins are free and you can have a restriction on the attempts made to log in.

Leave a Reply

Your email address will not be published. Required fields are marked *