How to Block IP by Country Using the .htaccess File

17-05-2024 - General, Guides, htaccess

An introduction on how to block IP by country using the .htaccess file

In an increasingly interconnected world, managing and securing your website is more important than ever. One effective method to enhance your website’s security is by blocking traffic from specific countries. Whether it’s preventing malicious attacks, combating spam, or adhering to regional regulations, restricting access based on geographic location can be crucial. So understanding how to block IP by country using the .htaccess file can be a highly valuable thing to know.

The .htaccess file is a powerful configuration file used by Apache-based web servers that can handle a range of tasks to improve your website’s functionality and security. With just a few lines of code, you can considerably bolster your site’s defenses. In this blog post, we’ll delve into the specifics of how to block IP addresses by country using the .htaccess file.

You might wonder why you would want to take such measures. Blocking IP ranges from specific countries can significantly reduce unwanted traffic, including spammers and hackers frequently targeting websites from certain regions. By taking a proactive approach, you can safeguard sensitive information, improve your site’s load times, and ensure a smoother experience for your authenticated users. We will guide you step-by-step through the process, from understanding IP ranges to writing and implementing the necessary .htaccess rules. By the end of this post, you will possess the knowledge to make informed decisions on deploying this technique effectively.

How to Block IP by Country Using the .htaccess File

Step 1 – Access Your Server

Firstly, you need access to your website’s server files. Typically, you can do this via FTP (File Transfer Protocol) or through your web hosting control panel.

Access your webserver

Create or Edit .htaccess File 1-1
Create or Edit .htaccess File 1-2

Step 2 – Create or Edit .htaccess File

In the root directory of your website, look for a file named `.htaccess`. If you don’t find one, you can create a new text file and name it `.htaccess`.

Step 3 – Import the Geo-IP module

In your htaccess file, import the `Geo IP` module – this module will allow you to block a range of IP addresses related to specified countries – using the country code.

Import the Geo-IP module

Enable the Geo IP module

Step 4 – Enable the Geo IP module

Enable the Geo IP module using the GeoIPEnable Directive.

Step 5 – Set the path for the Geo IP module

Set the path for the Geo IP moduledatabase – the path should be exactly where the Geo Ip database on your hosting filesystem is (You can contact your hosting support for the location of this file).

Set the path for the Geo IP module

Set the blocked Countries

Step 6 – Set the blocked Countries

Set the Countries you wish to block out using the SetEnvIf directive and the country ISO code.

The Deny directive will block out the site visitor from your website if the IP address country matches any of the set of Countries.

Step 7 – Save the .htaccess file

Save the .htaccess file, and you are now done – all the specified countries should now be blocked.

Save the .htaccess file