{"id":5974,"date":"2024-12-09T12:57:09","date_gmt":"2024-12-09T07:27:09","guid":{"rendered":"https:\/\/www.veeble.com\/kb\/?p=5974"},"modified":"2025-05-05T12:13:48","modified_gmt":"2025-05-05T06:43:48","slug":"how-to-allow-deny-access-to-a-site-using-htaccess","status":"publish","type":"post","link":"https:\/\/www.veeble.com\/kb\/how-to-allow-deny-access-to-a-site-using-htaccess\/","title":{"rendered":"How to Allow\/Deny Access to a site using .htaccess"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"640\" src=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-1024x640.jpg\" alt=\"How to Allow\/Deny Access to a site using .htaccess\" class=\"wp-image-6011\" srcset=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-1024x640.jpg 1024w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-300x188.jpg 300w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-768x480.jpg 768w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype.jpg 1280w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n\n<p>The <a href=\"https:\/\/www.veeble.com\/kb\/what-is-htaccess-in-wordpress\/\">.htaccess file<\/a> is a powerful configuration file used by Apache web servers, to manage and control access to your Website. With this you can allow\/deny access to your website from various IP,Domains and Graphical region. We have already discussed the details of .htaccess file in our <a href=\"https:\/\/www.veeble.com\/kb\/what-is-htaccess-in-wordpress\/\">previous article<\/a>.<\/p>\n\n\n\n<p>Here we are discussing about how to allow\/deny access to a site by .htaccess file. Access control is a critical aspects of our website security and performance optimization. By allowing or denying specific users or IP addresses, you can prevent unauthorized access, block malicious traffic, or restrict content availability.<\/p>\n\n\n\t\t\t\t<div class=\"wp-block-uagb-table-of-contents uagb-toc__align-left uagb-toc__columns-1  uagb-block-e771cc98      \"\n\t\t\t\t\tdata-scroll= \"1\"\n\t\t\t\t\tdata-offset= \"30\"\n\t\t\t\t\tstyle=\"\"\n\t\t\t\t>\n\t\t\t\t<div class=\"uagb-toc__wrap\">\n\t\t\t\t\t\t<div class=\"uagb-toc__title\">\n\t\t\t\t\t\t\tTable Of Contents\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"uagb-toc__list-wrap \">\n\t\t\t\t\t\t<ol class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#prerequisites\" class=\"uagb-toc-link__trigger\">Prerequisites<\/a><li class=\"uagb-toc__list\"><a href=\"#denying-access-by-ip-address\" class=\"uagb-toc-link__trigger\">Denying Access by IP Address<\/a><li class=\"uagb-toc__list\"><a href=\"#allowing-access-by-ip-address\" class=\"uagb-toc-link__trigger\">Allowing Access by IP Address<\/a><li class=\"uagb-toc__list\"><a href=\"#blocking-access-by-domain\" class=\"uagb-toc-link__trigger\">Blocking Access by Domain<\/a><li class=\"uagb-toc__list\"><a href=\"#denying-access-to-specific-files-or-directories\" class=\"uagb-toc-link__trigger\">Denying Access to Specific Files or Directories<\/a><li class=\"uagb-toc__list\"><a href=\"#restricting-access-based-on-user-agent\" class=\"uagb-toc-link__trigger\">Restricting Access Based on User Agent<\/a><li class=\"uagb-toc__list\"><a href=\"#conclusion\" class=\"uagb-toc-link__trigger\">Conclusion<\/a><ul class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#experience-uninterrupted-performance\" class=\"uagb-toc-link__trigger\">Experience Uninterrupted Performance<\/a><\/ul><\/ol>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\n\n<h2 class=\"wp-block-heading\" id=\"prerequisites\"><strong>Prerequisites<\/strong><\/h2>\n\n\n<ul class=\"wp-block-list\">\n<li>Access to the <code>.htaccess<\/code> file on your web server.<\/li>\n\n\n\n<li>Basic knowledge of how to edit files via a control panel, FTP, or SSH.<\/li>\n\n\n\n<li>An understanding of the IP addresses or domains you wish to allow or block.<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>Note<\/strong>: Always take a backup of your <code>.htaccess<\/code> file before making changes.<\/p>\n<\/blockquote>\n\n\n<h2 class=\"wp-block-heading\" id=\"denying-access-by-ip-address\">Denying Access by IP Address<\/h2>\n\n\n<p><strong>Locate the <code>.htaccess<\/code> File<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Log in to your hosting account or server.<\/li>\n\n\n\n<li>Navigate to the root directory of your website, usually <code>\/public_html\/<\/code> or <code>\/var\/www\/html\/<\/code>.<\/li>\n\n\n\n<li>Look for the <code>.htaccess<\/code> file. If it doesn&#8217;t exist, create one.<\/li>\n<\/ol>\n\n\n\n<p>Now to block specific IP addresses from accessing your site, add the following lines to your <code>.htaccess<\/code> file:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>order allow,deny\ndeny from &lt;<strong>IP<\/strong>&gt;\ndeny from &lt;<strong>IP<\/strong>&gt;\nallow from all<\/code><\/pre>\n\n\n\n<p>The <code>allow from all<\/code> directive ensures that all other visitors have access.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"allowing-access-by-ip-address\"><strong>Allowing Access by IP Address<\/strong><\/h2>\n\n\n<p>To restrict access to only specific IP addresses, use this configuration:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>order deny,allow\ndeny from all\nallow from &lt;<strong>IP<\/strong>&gt;\nallow from &lt;<strong>IP<\/strong>&gt;<\/code><\/pre>\n\n\n\n<p>Replace the IPs with those of users you want to grant access.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"blocking-access-by-domain\">Blocking Access by Domain<\/h2>\n\n\n<p>If you want to block users from specific domains, use the <code>SetEnvIf<\/code> directive:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">SetEnvIf Referer \"example.com\" spammer<br>SetEnvIf Referer \"another-spam-site.com\" spammer<br>&lt;Files *&gt;<br>    Order Allow,Deny<br>    Allow from all<br>    Deny from env=spammer<br>&lt;\/Files&gt;<\/pre>\n\n\n\n<p>Replace <code>example.com<\/code> and <code>another-spam-site.com<\/code> with the domains you wish to block.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"denying-access-to-specific-files-or-directories\">Denying Access to Specific Files or Directories<\/h2>\n\n\n<p>You can block access to specific files or directories by adding rules to your <code>.htaccess<\/code> file. For example:<\/p>\n\n\n\n<p><strong>Block Access to a Specific File<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;Files \"config.php\"&gt;\n    Order Allow,Deny\n    Deny from all\n&lt;\/Files&gt;\n<\/code><\/pre>\n\n\n\n<p><strong>Block Access to a Specific Directory<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;Directory \"\/path\/to\/your\/directory\"&gt;<br>    Order Allow,Deny<br>    Deny from all<br>&lt;\/Directory&gt;<\/pre>\n\n\n<h2 class=\"wp-block-heading\" id=\"restricting-access-based-on-user-agent\">Restricting Access Based on User Agent<\/h2>\n\n\n<p>You can allow or deny website access based on specific user agents. User agents are identifiers sent by browsers or bots when they visit a website. To block unwanted bots or allow specific browsers, you can add the following rules to your <code>.htaccess<\/code> file:<\/p>\n\n\n\n<p><strong>To Block Specific User Agents<\/strong><\/p>\n\n\n\n<p>Use the following code to deny access to certain user agents:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>SetEnvIfNoCase User-Agent \"BadBot\" bad_bot\nSetEnvIfNoCase User-Agent \"EvilScraper\" bad_bot\n\n&lt;RequireAll&gt;\n    Require all granted\n    Require not env bad_bot\n&lt;\/RequireAll&gt;\n<\/code><\/pre>\n\n\n\n<p><strong>To Allow Only Specific User Agents<\/strong><\/p>\n\n\n\n<p>Use the following code to allow only specific user agents and block all others.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>SetEnvIfNoCase User-Agent \"Googlebot\" allowed_agent\nSetEnvIfNoCase User-Agent \"Bingbot\" allowed_agent\n\n&lt;RequireAll&gt;\n    Require env allowed_agent\n&lt;\/RequireAll&gt;<\/code><\/pre>\n\n\n\n<p>Replace <code>\"BadBot\"<\/code>, <code>\"EvilScraper\"<\/code>, <code>\"Googlebot\"<\/code>, and <code>\"Bingbot\"<\/code> with the actual user agent strings you wish to allow or block.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"conclusion\"><strong>Conclusion<\/strong><\/h2>\n\n\n<p>The <code>.htaccess<\/code> file is a versatile tool for controlling website access. By configuring access rules based on IP addresses, domains, or files, you can enhance your site&#8217;s security and manage user access effectively. Remember to regularly review and update your <code>.htaccess<\/code> rules to adapt to changing security requirements.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-uagb-call-to-action uagb-block-939cb6ea wp-block-button\"><div class=\"uagb-cta__wrap\"><h3 class=\"uagb-cta__title\">Experience Uninterrupted Performance<\/h3><p class=\"uagb-cta__desc\">Benefit from reliable infrastructure and 24\/7 support, ensuring your website is always online.<\/p><\/div><div class=\"uagb-cta__buttons\"><a href=\"https:\/\/www.veeble.com\/in\/vps-hosting\/\" class=\"uagb-cta__button-link-wrapper wp-block-button__link\" target=\"_blank\" rel=\"noopener noreferrer\">Choose Your Plan<svg xmlns=\"https:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\"><path d=\"M504.3 273.6l-112.1 104c-6.992 6.484-17.18 8.218-25.94 4.406c-8.758-3.812-14.42-12.45-14.42-21.1L351.9 288H32C14.33 288 .0002 273.7 .0002 255.1S14.33 224 32 224h319.9l0-72c0-9.547 5.66-18.19 14.42-22c8.754-3.809 18.95-2.075 25.94 4.41l112.1 104C514.6 247.9 514.6 264.1 504.3 273.6z\"><\/path><\/svg><\/a><\/div><\/div>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"has-ast-global-color-8-color has-text-color has-link-color wp-elements-22d3202bc96c2fac8611f39aeda01b57\"><strong>Also Reads:<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-wp-embed is-provider-veeble-hosting wp-block-embed-veeble-hosting\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"0ovOb2gv4X\"><a href=\"https:\/\/www.veeble.com\/kb\/change-the-document-root-using-htaccess-file\/\">Change the document root using .htaccess file<\/a><\/blockquote><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; visibility: hidden;\" title=\"&#8220;Change the document root using .htaccess file&#8221; &#8212; Veeble Hosting\" src=\"https:\/\/www.veeble.com\/kb\/change-the-document-root-using-htaccess-file\/embed\/#?secret=zyncKuFFcb#?secret=0ovOb2gv4X\" data-secret=\"0ovOb2gv4X\" width=\"500\" height=\"282\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<figure class=\"wp-block-embed is-type-wp-embed is-provider-veeble-hosting wp-block-embed-veeble-hosting\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"t1qeaziRpe\"><a href=\"https:\/\/www.veeble.com\/kb\/what-is-htaccess-in-wordpress\/\">What Is  .htaccess In WordPress?<\/a><\/blockquote><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; visibility: hidden;\" title=\"&#8220;What Is  .htaccess In WordPress?&#8221; &#8212; Veeble Hosting\" src=\"https:\/\/www.veeble.com\/kb\/what-is-htaccess-in-wordpress\/embed\/#?secret=KqzzC7AaAR#?secret=t1qeaziRpe\" data-secret=\"t1qeaziRpe\" width=\"500\" height=\"282\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The .htaccess file is a powerful configuration file used by Apache web servers, to manage and control access to your Website. With this you [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":6011,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"categories":[9,2],"tags":[],"class_list":["post-5974","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-firewallsecurity","category-apache"],"uagb_featured_image_src":{"full":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype.jpg",1280,800,false],"thumbnail":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-150x150.jpg",150,150,true],"medium":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-300x188.jpg",300,188,true],"medium_large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-768x480.jpg",768,480,true],"large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype-1024x640.jpg",1024,640,true],"1536x1536":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype.jpg",1280,800,false],"2048x2048":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2024\/12\/Dark-Blue-Modern-Geometric-Simple-Feature-Section-Website-UI-Prototype.jpg",1280,800,false]},"uagb_author_info":{"display_name":"Nayana Nair","author_link":"https:\/\/www.veeble.com\/kb\/author\/nayana\/"},"uagb_comment_info":0,"uagb_excerpt":"The .htaccess file is a powerful configuration file used by Apache web servers, to manage and control access to your Website. With this you [&hellip;]","_links":{"self":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/5974","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/comments?post=5974"}],"version-history":[{"count":6,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/5974\/revisions"}],"predecessor-version":[{"id":8821,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/5974\/revisions\/8821"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media\/6011"}],"wp:attachment":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media?parent=5974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/categories?post=5974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/tags?post=5974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}