Block Bad Users from Accessing Your WordPress Website
Website security should be a top priority for every WordPress user and developer as well. In this article with the courtesy of Websouls WordPress Hosting in Pakistan guide you various ways to keep out troublesome malicious users, so they can’t target your website with spam/script to steal important information that requires learning how to block IP addresses in WordPress.
This is possible through the use of ‘blacklisting’ – a method that restricts specific IPs to keep them from accessing your website i.e. you can use blacklisting to ban IP addresses that have raised specific red flags (About red flags is mentioned below) or to keep spammers out of your comments section.
What is blacklisting?
Every user who visits your website has an IP address. This number identifies a particular Internet connection (network) and it remains constant even if the same user creates multiple accounts. This means you can use IP addresses to spot any that appear to be malicious.
The following are examples of red flags that will indicate that the user of a specific IP address is malicious:
• A huge number of failed login attempts (indicating a potential attempt to hack your site).
• Lots of spam comments posted by users from the same IP address.
• Access attempts on sensitive or restricted information by an unknown user.
If you see the above pattern of suspicious activity like this, you can ‘blacklist’ the specific IP addresses. In short words, you can ban any users originating from that address.
Ban IP addresses from your site completely
To do that, you can make a simple addition to one of your WordPress files. Make sure you have a recent backup in place first, as a security precaution. Then, you’ll need to log into your website directly using File Transfer Protocol (FTP) or through public_html under C-Panel.
Now find .htaccess folder right-click on this file, and select edit. This will open the file in your default text editor, with enabling you to make changes. On a new line at the bottom of the file, paste in the following code below:
Order Allow, Deny
Allow from all
Deny from 111.222.333.444/Malicious IP
You’ll want to replace the string of numbers in the final line with the first IP address you want to block. Then you can add additional Deny lines, each with a new IP. Save the file, and users from those IP addresses will no longer be able to access your site.
If you don’t like editing your .htaccess file directly, you can also use the free IP Ban plugin:
Block specific IP addresses from using your comments section:
The use for blacklisting is to prevent spammers from posting unwanted messages/links in your comments section. If you visit the Comments tab in your WordPress dashboard, you can see the IP address each message was posted from:
If you notice multiple spam comments coming from the same IP even if they’re posted by different users you can simply block that address. To do this, navigate to Settings > Discussion and look for the Comment Blacklist field:
Here, you can paste the problematic IP’s. Save your changes. All Done! Now users from that specific IP’s will no longer be able to post any comments on your website.
Team Technical Support
