Deny access to IP addresses using .htaccess

Call Us 0800 107 7979

Service Status

Back to knowledgebase

17 December 2021

Apache has two directives that can be used to block (or allow) an IP address. Traditionally, Apache used the Allow, Deny and Order directives, which are part of the mod_access_compat module. You can still use the directives, and there are plenty of tutorials that recommend them. However, the module has been deprecated in favour of mod_authz_host. I strongly recommend using the latter module’s directives, as the old ones will stop working in a future Apache version.

Blocking one or more IPs

To block an IP address you can use a rule like this:

<RequireAll>
  Require all granted
  Require not ip 1.2.3.4
</RequireAll>

The <RequireAll> directive specifies that none of the nested directives should fail. The two nested rules are fairly easy to understand. First, we allow all and sundry to access our website, and we next specify that the rule does not apply to the IP address 1.2.3.4.

You can add multiple IPs and use CIDR notation. For instance, here I block three IP addresses:

<RequireAll>
  Require all granted
  Require not ip 1.2.3.4 9.8.7.6 5.5.4.4
</RequireAll>

And here I block all IPs in the range 1.2.3.0 to 1.2.3.255:

<RequireAll>
  Require all granted
  Require not ip 1.2.3.4/24
</RequireAll>

Allowing one or more IPs

Denying all traffic apart from one or more specific IP addresses uses the same logic. You first deny all IP addresses and then specify which IP address(es) are allowed:

<RequireAll>
  Require all denied
  Require ip 1.2.3.4
</RequireAll>

You can use this technique to block or allow entire countries. However, there are problems with that approach. In particular, your .htaccess file will include a humongous list with CIDR ranges which you will need to keep up to date. If you really want to go down that route, you can get a list with IPv4 addresses at countryipblocks.net.

Featured Blogs

Cloud Hosting; A Flexible and Secure Hosting Solution

28th November 2022

By catalyst2 Team

Setting your business up online and starting that journey can be incredibly intimidating and overwhelming. After all, you’re doing more than just setting up a website, you’re also creating a whole new platform for interacting with your customers. And this interaction means that you’re collecting data from your customers, data that needs protecting. So, not …

Read Article

Flexible Servers; Your Short Term Solution

27th October 2022

By catalyst2 Team

There’s no predicting what the future will hold and sometimes we have to be flexible with our work. This is why we’ve put together an amazing flexible service for our customers, offering short term managed servers available at a moment’s notice. But why might you need this? Well, imagine for a moment, it’s around 2pm …

Read Article

What we’re doing about rising costs

30th September 2022

By catalyst2 Team

Costs across the UK are rising for every business and household. From increasing costs of energy to changes in local economies, many businesses are feeling the strain. Companies like ours that rely on large quantities of power to run our service have been significantly impacted by these differences. We think it’s important to talk about …

Read Article

Breaking Down Everything you Need to Know About Dedicated Servers

29th September 2022

By catalyst2 Team

Finding the right server for your business can be a challenge. You have to balance the needs of your online presence with that ever so important budget. But there are so many available these days, it can be hard deciding which caters for your needs best. Here at catalyst2, we specialise in web hosting, offering …

Read Article

Reasons to Invest in Disaster Recovery Service

23rd September 2022

By catalyst2 Team

The business world runs at a fast pace and while this can bring extraordinary highs and many successes, it can also bring incredible risks. Disaster can strike at any time and the impact of these disasters can be catastrophic for your company, they can even cause you to declare bankruptcy. This has only gotten worse …

Read Article

An Introduction to AWS Management

15th August 2022

By catalyst2 Team

One of the many excellent solutions that we can offer you here at catalyst2 is our AWS management. AWS stands for Amazon Web Services and it is a scalable public cloud that we can help you to set up, manage, monitor, maintain and grow. We have years of experience working with different servers and hosting …

Read Article

How We Protect your Data on our Servers

8th August 2022

By catalyst2 Team

The care of your customer’s data is a legal requirement but it’s also important to take care of your own data, which is why having the right security is incredibly important. Security is a vital part of our service here at catalyst2. We often get asked about how we properly protect your server data and …

Read Article

Why you Should Be Upgrading to a Managed Dedicated Server

27th June 2022

By catalyst2 Team

Finding the right server for your business can be a challenge. You need to find the one that meets all of your needs without compromising your budgetary restrictions. This can seem like a lot of criteria to fill, but fortunately for you, you’re here with us at catalyst2 and we can help introduce you to …

Read Article

Managed vs Unmanaged Servers; Which is your Best Option?

20th June 2022

By catalyst2 Team

Having an entire server dedicated to your internet presence is a great choice for your business. Our most popular solution, the dedicated server allows you a whole server to be dedicated to your business, unlike the other options available, which only offer a partial server that may be congested by other businesses. If you’re experiencing …

Read Article

VPS: An Introduction to Private Servers

14th June 2022

By catalyst2 Team

There is a lot to say about VPS. This Virtual Private Server from the team at catalyst 2 is designed to offer you the infrastructure that you need to build a strong online presence. All of our VPS’s are fully managed by our team at catalyst2, ensuring that they are tailored to the needs of …

Read Article

What our clients say

Everything is fine, thank you. The queries I had were dealt with in a prompt, professional and truly friendly manner! I have never experienced such superb service from any other supplier!

You guys and Catalyst2 are awesome!

Kan Parekh, WSI

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary

Always Enabled

Functional

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Performance

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_5562310_11	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Cookie	Duration	Description
_ashkii	session	No description available.
_wicasa	3 months	No description available.
AnalyticsSyncHistory	1 month	No description
cookid	3 months	No description available.
cookietest	session	No description
crisp-client/domain-detect/1644827320973	session	No description
crisp-client/domain-detect/1644827348275	session	No description
crisp-client/domain-detect/1644827428415	session	No description
crisp-client/domain-detect/1644827479357	session	No description
crisp-client/domain-detect/1644827596454	session	No description
crisp-client/domain-detect/1644827724838	session	No description
crisp-client/domain-detect/1644827824383	session	No description
crisp-client/domain-detect/1644827878659	session	No description
crisp-client/domain-detect/1644828716243	session	No description
crisp-client/domain-detect/1644828846246	session	No description
crisp-client/domain-detect/1644829369013	session	No description
crisp-clientsession30cc6953-ebcf-4bc6-b649-c44eb446409e	6 months	No description
dbmFP	3 months	No description available.
dbmPK	3 months	No description available.
li_gc	2 years	No description

Deny access to IP addresses using .htaccess

Blocking one or more IPs

Allowing one or more IPs

Featured Blogs

What our clients say

Everything is fine, thank you. The queries I had were dealt with in a prompt, professional and truly friendly manner! I have never experienced such superb service from any other supplier! You guys and Catalyst2 are awesome!

Kan Parekh, WSI

Everything is fine, thank you. The queries I had were dealt with in a prompt, professional and truly friendly manner! I have never experienced such superb service from any other supplier!

You guys and Catalyst2 are awesome!