HostArmada Web Hosting Knowledge Base

Knowledge is power! Use that power and achieve total and unconditional control over the Web Hosting Services!

How can I deny or allow access to my website using the .htaccess file?

This article presumes that you already know what a .htaccess file is, and you know how to use it. If this is not the case, please check our article on a .htaccess file and where I can find it.

The Apache web server utilizes a configuration file called ".htaccess" to define specific rules or directives that change the behavior of the webserver in certain situations or use one of its many modules. One handy use is allowing or denying IP addresses to view your websites through the web. For example, denying IP addresses using .htaccess can be useful when building a website, but you are not ready to show it online yet. In that case, you can deny access to everyone and allow access to yourself, your developers, or co-workers until you finish building your project. Let's review this situation in particular and teach you how you can deny everyone and allow a single IP address.

How to allow an IP address using .htaccess and deny everyone

Let's imagine your IP address is 4.3.2.1, and you would like to give exclusive access to it, preventing anyone else from visiting the website. Please open your .htacces file and place the following snippet of code inside:

Deny from All
Allow from 4.3.2.1 

The first line of code enables .htaccess to deny access to everyone. The second line of code signifies that the IP address defined there is allowed to visit the website. Therefore, when using this piece of code, please replace the "4.3.2.1" IP address with your own to gain access to your site and prevent everyone else from viewing it. 

Similarly, if you would like to allow more than one IP address, please add another "Allow from <IP>" line where you should replace "<IP>" with the actual IP address you would like to allow. For example:

Deny from All
Allow from 4.3.2.1 
Allow from 2.3.4.1
Allow from 3.4.2.1

How to deny an IP address using .htaccess and allow everyone

Let's explore the opposite situation now. You want to allow everyone but deny access to a single IP address, which you have found out has been causing trouble on the site, such as scraping content, brute-forcing your passwords, or abusing your registration forms. Please open your .htaccess file and place the following snippet of code inside:

Allow from All 
Deny from 4.3.2.1

The first line of code will allow access to everyone, however, it is optional, and you can skip it. The second line of code is mandatory and will deny access to the listed IP address. Similarly, you can deny access to more than one IP address - repeat the second line for each IP address you would like to get blocked.

Was this article useful and on point?

Find out more about HostArmada entire range of optimized Web Hosting Services and take action today on improving your website Loading Speed, Security, and overall Stability!