For those of you that are not familiar with the IP Deny Manager available in cPanel hosting accounts it is a simple way to block a specific IP address or a range of them.
It’s fairly strait forward and for the most part simple enough to figure out.
All you do is enter in the IP address you would like to block from accessing your website and click the Add button.
You can also use a range, implied range, or CIDR format.
Here are the steps you would use in cPanel:
1) Click IP Deny Manager
2) Enter an IP address or range you would like to block, then click Add.
Anyone using with the IP address 220.127.116.11 will be blocked from accessing our website in this screen shot example.
3) The IP addresses currently being blocked will appear in the list of “Current IP addresses being blocked” area below. To unblock this IP address, you would click “Remove”.
4) Then, it will prompt you to confirm, simply click Remove IP to finish removing it.
Like I said simple enough.
What this does, and I don’t think a lot of people realize is for every new IP address you add it simply updates your .htaccess file with a line of code like this:
deny from 18.104.22.168
This isn’t a problem if you only add a few of them, but it can become a problem if you add too many or don’t flush out (Remove) some of the older entries from time to time. Imagine if you added thousands!
Here is an screen shot from an .htaccess file showing some:
If you have added quite a few IP addresses using the IP Deny Manager you might take a look at your main .htaccess file to see how big it happens to be.
I was watching a video the other day about using cPanel IP Deny Manager to block spammers and such. The person appeared to be on a banning IP addresses spree or something. They were adding tons of new IP’s to the list, probably not realizing that by doing so their .htaccess file was growing rapidly.
This is not only a huge waste of time, but can lead to resource issues when you have an .htaccess file that starts to grow out of control.
Not only that, IP address change all the time. People can easily change their IP address with a proxy, and come back and spam your site or do whatever it was they were doing again anyway.
You might prevent a few unwanted visitors by banning IP’s, but for the most part if someone really wanted to they can easily get around it in a matter of seconds. You don’t have to be into all the technical stuff to figure this out either.
If you have a persistent issue with spam from a specific IP address, or a bot you could try to block it using this, but I wouldn’t waste a lot of time with it.
You might have better luck with an anti-spam or security plugin. You could also give Cloudflare, which can help prevent some unwanted traffic, as well as speed up your site with it’s CDN and caching ability.