Every visitor on your website is identified by a unique physical address of the device they are using. This physical address is called an IP (Internet Protocol) address, and you can use it when you want to block access to your websites for a specific visitor or service. There could be numerous reasons why you would like to do that, but typically, the reason behind that could be the fact that the user/bot/service using the IP in question attacks the website with the sole purpose of causing damage to it, either by raising the website's visitors artificially or by making requests that could potentially exploit your website's code or database.
Thanks to the "IP Blocker" feature of cPanel, you will be able to easily block an IP address or an IP address range whenever such a situation presents itself. In the next lines of this tutorial, we will show you how that is done. Let us begin!
Before you can proceed with the "IP Blocker" feature, you will need to access the cPanel service. If you are not certain how that can be achieved, please check our tutorial "How to access the cPanel service?".
Once logged into the cPanel service, you will be presented with all the features cPanel has to offer, separated into different feature groups. To access the "IP Blocker" feature either use the search functionality at the top of the page or locate the "Security" features group where the "IP Blocker" feature is located.
Regardless of the way you locate the "IP Blocker" feature, please click on the icon when you find it, so you can proceed further with this tutorial.
Now that you have accessed the "IP Blocker" feature, let's see how to block a new IP address.
The first section available on the page is called "Add an IP or Range". It is located right under the "IP Blocker" label and the description provided by cPanel for the functionality you are currently using.
This section allows you to add an IP address or range of IP addresses to your website's block list.
To provide a little more clarity on the matter, let us explain how does cPanel actually block the IP address/range when you use this functionality. Typically, when an IP address is being blocked on a server level, this is done via the Firewall of the server. This means that the block is applied on a server level and any connections attempted by the blocked IP address will be denied.
However, this is not the case with cPanel.
Blocking an IP address in cPanel is done on a Web Server level. This means that the connection from the blocked IP address is still performed. However, the Web Server will return a 403 status code on any request performed by that IP address. The 403 Status Code means that the IP address is forbidden from accessing the web resource it requests.
To be able to create such blocks, cPanel edits the main .htaccess file for your websites, which is located inside the "public_html" folder of your Web Hosting account. Depending on whether or not you are blocking a single IP address or a range of IP addresses, cPanel will add the following code to the .htaccess file:
<Files 403.shtml>
order allow,deny
allow from all
</Files>
deny from <IP Address>
If you are not sure what a .htaccess file is or where to locate it, we have a great article on the matter about what is an .htaccess file and where I can find it.
These are Web Server rules that instruct the Web Server whenever a request to websites in this folder is performed, the same should be denied.
Now that you know how blocking an IP address work, let's continue by adding a new IP address into the list of blocked IP addresses. To do that please enter the IP address or the range of IP addresses into the "IP Address or Domain" field and click on the "Add" button.
cPanel will then redirect you to a new page where you will be provided with a status message indicating whether or not the IP address has been blocked.
To release a blocked IP address, you will need to locate the IP address in the "Currently-Blocked IP Addresses" section, which is located at the bottom of the "IP Blocker" page. There, you will find a table containing all the IP addresses you have previously blocked.
Please note that if you have blocked IP ranges, cPanel will add multiple entries to the table. In order to release the blocked IP address range, you will have to remove all the entries you can find from the table.
Please find the IP address you would like to release and click the "Delete" button displayed in the final column of the table for each and every IP address.
cPanel will then redirect you to a brand new page in which you will have to confirm the deletion of the IP address you have chosen. Please click on the "Remove IP" button so you can finalize the process.
Once it is done, cPanel will display a status message indicating if the IP address was successfully removed from the list.
That's it! Congratulations! You now know how to block IP addresses from accessing your websites as well as how to release any blocks you have already added. If you are experiencing any error messages in the process of adding or removing IP addresses, please do not hesitate to contact our Technical Support Crew for further assistance on the case!
Nikola is an accomplished tech-savvy extraordinaire with over six years of experience in the web hosting field. He started as a customer care representative and quickly rose the ranks to become a support supervisor and, eventually - the head of the technical department in HostArmada. His deep understanding of the client's needs, combined with his technical knowledge, makes him the perfect man to create the ideal harmony between client satisfaction and professional problem-solving. You will often find him creating helpful tutorials, articles, and blog posts that help existing customers get around.