CPanel | use IP Blocker to restrict access

CPanel: Restrict Access

via IP Blocker | .htaccess

The internet is a wonderful thing. Sadly however, there is a small percentage of malicious internet users that misuse it by stealing your bandwidth and/or your content for their own nefarious purposes.

You can restrict access to your website by adding to the coding of your .htaccess file. However, for those of us who know only enough about coding to get ourselves in trouble, CPanel has made things much easier by providing the handy tool: “IP Blocker”. You can use it to judiciously disallow access to to a domain or IP onto your site.

Restrict Access with CPanel | IP Blocker

cPanel IP blocker enables you to block your website for a single IP address, domain name or a range of IP address. All those users, who will try to access your website from blocked IP addresses will not be able to access your website.
(excerpt from

By using CPanel’s Awstats, you can see which websites are referring to you. And if you use the Google Search Console (previously “Google Webmaster Tools”), you will see the “Links Report” that gives a comprehensive list of which domains link to you most, your top-linked pages, your top-linking text, etc. etc. You will likely be able to quickly assess which sites make sense and which do not.

Use the search box to quickly find things in CPanel.

  1. After logging into CPanel, type “Awstats” in the field at the top to easily find the application. Select the Awstats app. CPanel Find Awstats in Search area
  2. On the page that appears, there will be a list of your domain(s). To see the stats, select “view” that appears beside the domain for which you would like to see the Awstats. CPanel View Awstats
  3. Once on the Awstats page, look on the left sidebar for “Referring sites” and select it. CPanel Awstats Referring sites The page that appears will show you a list of all the sites that have links to your site. Refrain from clicking on any domains you do not recognize! Copy and paste any suspect domain names into the Google search box to view the description(s) of the site(s). If you don’t like what you see, copy and paste the domain name into a text document for your reference.
  4. If there are domains you don’t like, you can now go back to “home” on CPanel and type “IP Blocker” in the field at the top to easily find the application. Select the IP Blocker app. CPanel find IP Blocker
  5. Using the text document you created, paste the domain name of the suspect referring site and select ‘add’. CPanel use IP Blocker to block by domain name
  6. Using the text document you created, paste the domain name of the suspect referring site and select ‘add’. CPanel suspect domain name blocked
  7. Please note that CPanel will translate the domain name into an IP address (numbers). Once you have blocked an IP, it will appear at the bottom of the IP Blocker page under the heading “Currently-Blocked IP Addresses”. There are numerous free sites online that provide a Whois, domain and/or IP search. If you think that you may have blocked a domain that shouldn’t be blocked, you can use CPanel to unblock it. Simply select “delete” that appears beside the IP address that is no longer suspect. CPanel delete no-longer suspect domain name from being blocked

Restrict Access with .htaccess

An .htaccess file can also be used to block IP addresses.

In an .htaccess file, any line beginning with a hash-tag (#) is a comment that is ignored by Apache when it is reading the file. The hash-tag must be at the beginning of the line. Putting a hash-tag in the middle of a line can cause errors.

Add the following to the .htaccess file that is in the main folder of your file manager. (You may have to check the “show hidden files” box before accessing your file manager.)

# Ban by domain or IP range
order allow,deny
# ban domains:
# stops all users connected to the internet
# via from viewing your site.
# List them one per line.
deny from
deny from
# Ban IPs
# To block multiple IP addresses, list them one per line.
deny from 987.654.321.01
deny from 987.654.321.02
deny from 987.654.321.03
# To block by range, do not specify the fourth octet;
# each octet is separated by a period:
deny from 987.654.321.
# This final command allows all other traffic,
# except the ones listed above as "deny from"
allow from all

Take care when blocking an entire range or name; it may lock out the innocent.


For more information about order, allow and deny, please see




Prevent Hotlinking