We’ve shown you how to use .htaccess for custom error pages and index pages, as well as how to use it to password protect directories and files. This week we’re going to show you how to use .htaccess to ban users via a specific IP address or range of addresses and get rid of spammers.
How Can I Get Rid of Problem Users From My Site?
After a website is online for a while, particularly if your site features a discussion forum or social networking features, it will come to your attention that a particular user is causing problems. You may have banned his email address already via the discussion forum software, only to find that he has simply gotten another email address and is at it again, causing problems for your other members. By using the .htaccess file, you can ban the problem user via his or her IP address. By adding the following code to your .htaccess file, he (or she) will be blocked from accessing the site altogether.
order allow,deny
deny from 192.168.0.21
deny from 213.12.081.02
allow from all
Note that this method does require you to already have access to their IP address. To use the code above you simply change one of the IP addresses shown to your problem user’s IP address and you’re set. The example above shows you how to ban more than one IP address at a time, but you can limit it to one IP address if you so desire. The code simply tells the server that if a user with any of those IP addresses comes to your site, they should be denied entry–and all others should be allowed.
You can also block a whole range of IP addresses by just omitting the last sequence of numbers (but keep the period). The code below would block any IP address that begins with 192.168, such as 192.168.0.113, 192.168.0.01, etc.
order allow,deny
deny from 192.168.
allow from all
How Can I Block Spammers From a Specific ISP?
You may have come to the conclusion that certain domains or ISPs are being used to send spam, submit spam to your forums, and otherwise clog your site with obnoxious clutter that annoys your members and visitors to your site. You can ban them completely by adding the following code to your .htaccess file:
order allow,deny
deny from spammer.com
deny from subdomain.another-spammer.com
allow from all
This means that anybody who comes from spammer.com or even subdomain.another-spammer.com will be stopped from even getting into your site. Just be careful, as some common ISPs that are known for their use by spammers are also used by normal users, and those users will also be denied entry to your site.