This guide will show you how to use two methods to help keep your site secure, the first is how to restrict website access with cPanel IP Blocker and the second using .htaccess. cPanel is included with your Domains.co.za Web Hosting plan. Blocking website access allows you to protect sensitive areas, block malicious traffic and unwanted visitors, or limit site access during and after development.
TABLE OF CONTENTS
How to Restrict Website Access with cPanel IP Blocker
The cPanel IP Blocker is a security feature within the cPanel control panel that allows you to restrict website access by preventing individual or ranges of IP addresses from accessing your site.
When you block an IP address using the IP Blocker, cPanel automatically adds rules to your website’s .htaccess file. This file instructs your web hosting server to deny access to any requests from the blocked address, usually returning a 403 Forbidden status code.
It is a beginner-friendly way to add and remove blocked addresses from a list, compared to manually editing the .htaccess file. Follow these simple steps to block specific IP addresses directly from your cPanel dashboard:
1. Login to your Domains.co.za account.
2. Click on Manage Services on the left-hand side and select Web Hosting from the drop-down menu.
3. Click Manage next to your website’s domain name.
4. Next, click the Login button next to Control Panel to access your cPanel dashboard.
5. Scroll down to the Security section and click on IP Blocker.
6. Enter the IP address, IP range, or CIDR (Classless Inter-Domain Routing) you want to block. For example:
Single IP: 192.168.0.1
IP Range: 192.168.0.1-192.168.0.100
CIDR: 192.168.0.0/24
7. Click Add. The blocked IPs will no longer be able to access your website.
How to Restrict Website Access Using .htaccess
If you want more control or need to allow only specific users, you can create custom access rules using the .htaccess file. This is a more advanced method and is recommended for those comfortable with server configurations and directives.
1. Access your cPanel dashboard, scroll to the Files section and click the File Manager.
2. Navigate to the public_html folder (or the specific directory you want to protect).
3. Find or create the .htaccess file, then right-click it and select Edit.
4. Add one of the following rules:
Block a Single IP
Order Allow,Deny
Deny from 192.168.0.1
Allow from allAllow Only Your IP (block all others)
Order Deny,Allow
Deny from all
Allow from 192.168.1.100Block Multiple IPs
Order Allow,Deny
Deny from 192.168.0.1
Deny from 10.0.0.2
Deny from 172.16.0.5
Allow from allBlock an IP Range
Order Allow,Deny
Deny from 192.168.0.0/24
Allow from all
5. Save your changes and test your website access.
IMPORTANT:
Be very careful when editing the .htaccess file, especially the “allow only your IP” configuration, as you could lock yourself out if your IP changes or if there’s a typo in the IP address.
Additional Information
Why Restrict Website Access With IP Blocking
Blocking IP addresses helps enhance website security by preventing unwanted visitors and undesirable traffic from accessing your content, such as:
- Malicious Bots: Bots that attempt to scrape your content, Distributed Denial-of-Service Attacks, or exploit vulnerabilities.
- Spammers: Users or automated systems that leave unwanted comments or try to inject malicious code.
- Hackers: Cybercriminals attempting to gain unauthorised access to your website and sensitive data.
- Resource Hogs: Visitors or bots that consume excessive bandwidth, potentially impacting the performance of your website for legitimate users.
To undo a block, remove the IP from the list in the IP Blocker or delete the rule from your .htaccess file. Additionally, you can combine IP blocking with directory password protection in cPanel for an extra layer of security.
