Have you seen a high volume of login requests from the same IP addresses?
This is a classic symptom of a website brute force attack. As your website expands, so will the number of security challenges it encounters, whether through brute-force attacks or spam comments. If not managed appropriately, these attacks might cause your website to slow down or, in the worst case, result in a hack.
Your site stores both your personal information and any other user data. Hence, it is vital to keep it secure. Dealing with these intruders should thus be a great concern. Blocking any IP addresses that appear malicious is an easy approach to get rid of them.
Issues such as a constant bombardment of login requests or spam comments may appear to be minor annoyances, but they can quickly escalate into larger issues. If attackers gain access to your website, they may:
- Place malicious files on it
- Steal your information
- Divert your users
- Deface it and demand money
Fortunately, protecting your website from known attackers is simple. Blocking IP addresses in WP is an effective approach to safeguard your site from spammers and attacks. Let’s talk about what, why, and how IP addresses are blocked on WordPress.
- 1 What is an IP Address?
- 2 Why should you Restrict IP Addresses in WordPress?
- 3 Identify IP Addresses That Are Cause for Concern
- 4 How to Use Your Hosting Administration Tools to Find and Block IP Addresses
- 5 How to restrict IP addresses in WordPress?
- 5.1 Blacklisting WordPress Commenters
- 5.2 Block IP Addresses in WordPress
- 5.3 Use .htaccess to block IP addresses.
- 5.4 Allow access to the WordPress admin dashboard from several IP addresses.
- 5.5 Allow only your IP address to access the dashboard.
- 5.6 Use cPanel to block an IP Address
- 5.7 WordPress Plugins to Block IP Addresses
- 6 When IP Address Blocking Fails, Automate the Process!
- 7 Why you shouldn’t rely on IP address blocking?
- 8 Conclusion
What is an IP Address?
If the internet were a physical world, IP addresses would be the country, street, and house number. They are four groups of numbers ranging from 0-255 that are separated by dots and appear as follows: 172.16.254.1
An IP address is assigned to each computer connected to the internet by the ISP.
Every visitor to your website has an IP address, which is saved in the access log files. This also means that your own IP address is saved by every website you visit.
Using a VPN service, you can hide this information. It allows you to conceal your IP address as well as other personal data.
Why should you Restrict IP Addresses in WordPress?
Spammers or hackers may be attempting to attack your website. To keep spam and malicious users out, you can blacklist their IP addresses in WordPress. Here are four reasons why you might consider blocking them:
1. Too much spam
Commenters may be adding to the spam on your site regularly. In your comment section, you’ll come across some unscrupulous adverts. You’ll be able to do the following by barring these shady visitors:
- Allow your website’s SEO to stay in good shape.
- Save the time you would have spent moderating comments.
- Make your website more professional-looking.
- Make it impossible for spammers to create a new account.
- Protect your WordPress site from brute force attacks.
- Prevent attacks such as SEO spam, spam link injection, redirection of your WordPress site to another site, the Japanese keywords hack, SQL injection, pharma hacking, and a variety of other hacks that arise from security flaws in a WordPress site.
2. Annoying bots
Some users may not be spamming in the traditional sense, but they may be communicating in a bot-like manner. Their presence can pose some issues, particularly if you’ve built up a user forum. Blocking suspicious IPs stops the bots in their tracks.
You may be restricting access to your site to only approved visitors who aren’t required to create individual accounts. By restricting IPs to only those users in certain locations, you can keep undesirable people at bay. Unfortunately, if they’re using SSL proxies, it’ll be difficult to spot them.
4. Attacks by hackers
According to a Sucuri survey, 90% of hacked websites were built with WordPress. DDoS and brute force are the most common methods hackers use to get unauthorized access to your website. One of the sophisticated strategies you may use to defend your WordPress site from hacking is identifying dodgy IPs and restricting them.
Identify IP Addresses That Are Cause for Concern
These are the two methods you can use to find IP addresses you want to block:
Before you can ban IPs, you must first determine which ones are creating problems. If you find out they’re from spammy or shady commenters, blacklisting becomes a breeze.
All your site’s commenters’ addresses are saved in WordPress. To get their address, go to the dashboard and then to the “Comments” area.
Every commenter’s IP address will be displayed in the “Author” section. The section also contains their usernames and email addresses. First, make a list of the IP addresses you want to block; you’ll enter them into appropriate fields later.
Raw Access Logs
When your site is under a DDoS attack, finding IP addresses might be difficult. In these circumstances, you can find IP addresses by checking through your access log.
You must first log into cPanel. After clicking on ‘log,’ scroll down to “Raw Access Logs” and select it to open the access logs area. You must select your domain name before downloading your access logs file.
Access log files are usually downloaded as .gz archives. You must first extract the file before using it. Some computers lack the software required to open such files. If this is the case, you’ll need to download and install an application to open them. WinZip and 7-Zip are two popular extraction programs that you can download to any Windows device.
Inside the archive you’ll find your access log file, which you can open with Notepad or a similar text editor. The file contains the raw data of every request made to your site. The IP address that made each request appears first on the line, which makes it very easy to track down.
If you’re not careful, you can end up blocking the IP addresses of search engines and other legitimate visitors. To capture the correct IPs, you must first record all questionable IPs. You can then paste them into any IP lookup tool to conduct further analysis.
Receiving a large number of requests from a single IP address indicates a shady IP. Keep track of such addresses in a separate text file in case they’re up to no good.
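The access-log review described above can be scripted. The following is an added example, not code from the original article: it counts POST requests to the login and comment endpoints per IP, skips allowlisted networks so you do not block yourself, and renders the result in the order/allow/deny .htaccess style used in this article. The sample log lines, the threshold, and the allowlisted network are constructed assumptions.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample in Apache "combined" format; all IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
198.51.100.20 - - [10/Mar/2024:10:00:04 +0000] "GET /blog/ HTTP/1.1" 200 8120 "-" "Mozilla/5.0"
198.51.100.20 - - [10/Mar/2024:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.50 - - [10/Mar/2024:10:00:06 +0000] "POST /wp-comments-post.php HTTP/1.1" 200 900 "-" "bot"
192.0.2.50 - - [10/Mar/2024:10:00:07 +0000] "POST /wp-comments-post.php HTTP/1.1" 200 900 "-" "bot"
192.0.2.99 - - [10/Mar/2024:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
192.0.2.99 - - [10/Mar/2024:10:00:10 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
this line is not a log entry and is skipped
"""

# IP first, then ident, user, [time], "METHOD path protocol", status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+)[^"]*" (\d{3}) ')
# Login and comment-submission endpoints (the two abuse patterns discussed above).
WATCHED = ("/wp-login.php", "/wp-comments-post.php")

def count_watched_posts(log_text):
    """Count POSTs to the watched endpoints per client IP."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # truncated or non-standard line
        ip, method, path, _status = m.groups()
        try:
            ip_address(ip)  # the first field can be a hostname on some servers
        except ValueError:
            continue
        if method == "POST" and path.split("?", 1)[0] in WATCHED:
            hits[ip] += 1
    return hits

def block_candidates(log_text, threshold, allow_networks=()):
    """Return [(ip, count)] at or above threshold, skipping allowlisted networks."""
    nets = [ip_network(n) for n in allow_networks]
    found = []
    for ip, count in count_watched_posts(log_text).most_common():
        if count >= threshold and not any(ip_address(ip) in n for n in nets):
            found.append((ip, count))
    return found

def htaccess_deny_rules(ips):
    """Render a blocklist in the order/allow/deny .htaccess style this article uses."""
    return "\n".join(["order allow,deny", "allow from all"] + [f"deny from {ip}" for ip in ips])

if __name__ == "__main__":
    # Threshold of 2 only suits this tiny sample; 192.0.2.96/27 stands in for your own network.
    hits = block_candidates(SAMPLE_LOG, threshold=2, allow_networks=["192.0.2.96/27"])
    print(hits)
    print(htaccess_deny_rules(ip for ip, _ in hits))
```

Treat the output as a list of candidates to check in an IP lookup tool before blocking, since a busy shared proxy or a search engine crawler can also produce high counts.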
How to Use Your Hosting Administration Tools to Find and Block IP Addresses
The focus of this article is on how to find and block IP addresses within WordPress. But let’s take a quick peek outside the platform. Some hosts provide helpful features, and you may find them easier to use in some instances.
You should look for your Access Logs first, regardless of whether you’re using cPanel, Plesk, or a custom admin interface. For example, in WP Engine, you’d go to Production > Access Logs and then click on your selected site.
Choose the appropriate server from the drop-down menu. Next, it should display a list of recent visitor IP addresses.
From there, you’ll need to look into what your host offers for restricting access to your site on the back end. cPanel, for example, uses IP Blocker or IP Address Deny Manager.
Enter the IP address you want to block into this tool and click Add.
This feature is highly useful in many situations. But having a WordPress-based technique is equally beneficial. So let’s have a look at three different approaches to banning IPs in the CMS.
How to restrict IP addresses in WordPress?
There are two ways to restrict IP addresses:
- Block them from the “Comment Blacklist” section manually.
- Using Add-ons/Plugins.
We’ll take a look at both strategies in the sections below. These are the most effective methods for blocking invaders and DDoS attackers in WP.
Blacklisting WordPress Commenters
Visit the “Settings” column. Here you can blacklist IP addresses and restrict them from making comments. Scroll down to “Discussion” and choose “Comment Blacklist.” Then, paste all the IP addresses you want to exclude.
Block IP Addresses in WordPress
You can prevent users from leaving comments on your site based on their IP address from the WordPress admin area.
Scroll down to the ‘Comment Blacklist’ text box on the Settings » Discussion page.
Copy and paste the IP addresses you want to block, then click the Save Changes button to save your changes.
Users with these IP addresses will no longer be able to leave comments on your website. These users will still be able to access your website. But when they try to leave a remark, they will receive an error message.
Use .htaccess to block IP addresses.
The .htaccess file is used to manually restrict IP addresses. Depending on the IP address type, you’ll use different ways of blacklisting IPs with this file. These are a few examples:
Static IP address
You have a static IP address if you have a single PC in your home that you always use to visit your website. If you rarely change your address or your site is only operated by you and a few others, this blacklisting strategy may be ideal for you. You’ll need to submit one or more IP addresses of persons who can access the login page on your website.
The code below will allow you to add a few IP addresses to your safe list, keeping any unauthorized IPs out. Before closing the file, make sure you click “Save.”
Dynamic IP Addresses
This technique can work for you if you frequently view your site from many locations. But, first, you must enter the following code into your document:
Remove the “your-site.com” component and replace it with the URL of your website. Then edit the path in the first and second lines. The code also includes an error page to prevent your site from becoming stuck in a redirect loop.
Using brute force attacks, malicious people may attempt to get unauthorized access to your login page. The following code will prevent these hackers from accessing the page. It also allows authorized visitors who arrive via your website to do so. These genuine users will be unable to distinguish between the two.
Using a security plugin that displays failed login attempts, you can observe the difference this code makes with changeable IP addresses.
Allow access to the WordPress admin dashboard from several IP addresses.
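To do so, add the code below:
# "deny" rules are evaluated first, then "allow" rules override them.
# Note: no space is allowed after the comma in "deny,allow".
order deny,allow
# Replace the IP addresses below with the IP addresses you want to allow.
allow from 126.96.36.199
allow from 188.8.131.52
deny from all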
You can also use the following WP plugins to prevent IP addresses from logging into the WP Dashboard.
Allow only your IP address to access the dashboard.
In your .htaccess file, paste the following code. Create a new .htaccess file in your wp-admin directory if you don’t already have one.
# "deny" rules are evaluated first, then "allow" rules override them.
order deny,allow
# Replace the IP address below with your IP address.
allow from 220.127.116.11
deny from all
Only the IP address listed above will be able to access the WordPress admin dashboard.
Use cPanel to block an IP Address
This prevents an IP address from accessing or viewing your site. You should use this method to secure your WP site from hacking attempts and DDoS attacks.
To begin, log into your hosting account’s cPanel. Next, scroll down to the security area and select the icon for “IP Address Deny Manager.”
This will open the IP Address Deny Manager application. You can enter the IP addresses you want to block in this box. Then click the add button to add a single IP address or a range of IP addresses.
If you ever need to unblock those IP addresses, return to this page.
WordPress Plugins to Block IP Addresses
Security plugins make the process of blocking IP addresses more automated, so you don’t have to look for hackers manually. The following are some of the most popular blocking plugins:
WP-ban users, like Simple-IP ban users, can block any single IP or IP range. If any of the prohibited users try to visit your site, the plugin shows a ban message. Besides wildcard matching, it also allows you to set aside specific addresses to keep them from being banned. When these excluded addresses visit your site, WP-ban keeps track of how many times they visit.
To enable the plugin, follow these steps:
- Install and activate it normally first.
- Go to the “Settings” menu.
- Select the “Ban” option. It will take you to a page with a list of banned IPs and IP ranges.
- Add or remove IP addresses from the page.
- Save changes.
Simple IP ban
Simple IP Ban is a free plugin that performs exactly what its name implies. It blocks IP addresses using a simple approach. To get started with the plugin, simply download it like any other. Then navigate to “Settings.” Next, configure the plugin by clicking “Simple IP ban.”
You can do the following in the “Settings” section:
- Block some User Agents to keep bots at bay.
- Set a limit on a specific IP address (you can keep out a service provider)
- Restrict an IP address Range
You can also set up a redirect URL to keep logged-in users off the blacklist.
Limit log-in attempts.
By utilizing specific cookies, WordPress allows all users to access your site. This allows for limitless login attempts. Your passwords and hashes can be compromised with limitless access. Hence, your site is vulnerable to brute-force attacks.
Login Attempts blacklists IP addresses. This restricts users from attempting another login after they’ve used up their allotted number of retries. In essence, the plugin makes brute-force attacks more difficult for shady users.
The following are some of the plugin’s features:
- Every IP has a limit on retry login attempts. You can change this restriction to a value that is appropriate for your website.
- You can use auth cookies to limit the number of attempts.
- It tells visitors how many retries they have left or how much time they have till they are kicked out.
- Optional notifications are possible.
- With the use of a filter, website owners can whitelist IP addresses.
To use the plugin, follow these steps:
To begin, go to the WordPress dashboard and install the plugin.
Navigate to “Settings” and select the plugin’s menu. A new window will appear.
- You may then specify the maximum number of attempts, the lockout duration, and a variety of additional variables.
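The per-IP retry limit, lockout duration, remaining-retries message, and allowlist described above can be modelled in a few lines. This is an added example, not the plugin’s own code: the class name, the default values, and the sample IP addresses are assumptions, and timestamps are passed in explicitly so the behaviour is reproducible.

```python
from ipaddress import ip_address, ip_network

class LoginLimiter:
    """Per-IP retry limit with a timed lockout (illustrative model only)."""

    def __init__(self, max_retries=3, lockout_seconds=1200, allow_networks=()):
        self.max_retries = max_retries
        self.lockout_seconds = lockout_seconds
        self.allow = [ip_network(n) for n in allow_networks]
        self.failures = {}      # ip -> failed attempts since last reset
        self.locked_until = {}  # ip -> timestamp at which the lockout ends

    def _allowlisted(self, ip):
        addr = ip_address(ip)
        return any(addr in net for net in self.allow)

    def seconds_locked(self, ip, now):
        """Seconds of lockout remaining for ip (0 means it may try to log in)."""
        until = self.locked_until.get(ip, 0)
        if until <= now:
            self.locked_until.pop(ip, None)  # lockout has expired
            return 0
        return until - now

    def record_failure(self, ip, now):
        """Register a failed login; return retries left (0 means locked out)."""
        if self._allowlisted(ip):
            return self.max_retries          # allowlisted IPs are never locked
        if self.seconds_locked(ip, now):
            return 0                         # still locked; lockout is not extended
        self.failures[ip] = self.failures.get(ip, 0) + 1
        left = self.max_retries - self.failures[ip]
        if left <= 0:
            self.locked_until[ip] = now + self.lockout_seconds
            self.failures.pop(ip, None)
            return 0
        return left

    def record_success(self, ip):
        """A successful login resets that IP's failure counter."""
        self.failures.pop(ip, None)

if __name__ == "__main__":
    limiter = LoginLimiter(allow_networks=["192.0.2.96/27"])  # constructed values
    for t in range(4):
        left = limiter.record_failure("203.0.113.7", now=t)
        print(t, left, limiter.seconds_locked("203.0.113.7", now=t))
```

Because the counter is keyed on the IP address, each new address starts with a full set of retries, which is the limitation of IP-based blocking that the later sections of this article discuss.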
On your dashboard, the simple security plugin allows you to track logins and failed login attempts. You can get the following features by upgrading to the premium version:
- When specific circumstances are met, you can receive regular email alerts that you can customize.
- When the plugin blocks a new IP address, it might send you an optional alert.
- After each successful login attempt, you can choose to get an optional alert.
- When a user’s login attempt fails, you can receive an optional email alert.
- Priority support for the long term.
You can use the plugin in these ways:
- Install the plugin in the same way you’d install any other WordPress plugin.
- Go to Settings and select the plugin’s menu option from the drop-down menu.
- Make the necessary adjustments to suit your needs. Select the types of alerts you’d want to receive.
IP Blacklist Cloud
You can use this plugin to block any suspicious IP addresses from visiting your website. It adds your website’s information to their database. This allows other users to see which websites have blacklisted them and read comments. New functionality in the plugin allows you to block people from spamming your site.
How does the plugin function?
Scroll down until you find the option to include IP addresses in the Blacklist section. The IP address you want to block can then be entered. This process allows you to manually keep track of IP addresses.
- To get rid of any spammers, navigate to the plugin’s “Comments” area. The IP addresses of these spam commentators can then be obtained by visiting IP-finder.me. Visitors with restricted IPs will be unable to access any of your site’s content.
- You can remove any IP addresses from your blacklisted list by going to “IP Blacklist.” You’ll also be able to remove your website’s URL from the list of blacklisted IP addresses.
- You can leave a remark on IP Cloud to let other website owners know why the IP address has been blacklisted.
When IP Address Blocking Fails, Automate the Process!
If you’re trying to stop some basic hacking attempts, specific users, or people from specified regions or countries, blocking an IP address might help.
But many hacking attempts and attacks use a diverse variety of random IP addresses from around the world. You’ll never be able to keep track of all those random IP addresses.
That’s where a Web Application Firewall (WAF) comes in handy. Sucuri is a website security service that uses a web application firewall to protect your website from such threats.
In short, all your website traffic passes through their servers, where it is checked for suspected activities. It prevents questionable IP addresses from accessing your website completely.
When you rely on a free or untrustworthy service to keep your WordPress security up to date, the results might not be ideal.
Your free security plugin blocks suspected IPs from visiting your website. It may also prevent customers or team members from doing so. This could be detrimental to your website’s security and cause more issues than it solves.
When this happens, you’ll need to whitelist IP addresses so that the proper traffic may flow again. You can do this manually or through your security plugin. But unless you have very specific access requirements, doing it manually can be very time-consuming.
Instead, an effective firewall will handle blocking harmful traffic. It will also allow legitimate traffic to pass through.
An intelligent firewall can distinguish between malicious IP addresses and legitimate visitors who may trigger alarms owing to certain circumstances.
A firewall examines over 300,000 sites to better understand and refine security intricacies. This way, you don’t have to bother about blocking specific IP addresses.
Blocking IP addresses in WP is a powerful preventative technique for keeping your site safe. This prevents attackers from gaining access to your website. It also keeps them at bay before they can do any major damage to it.
Hacking should not be as complicated as most website owners make it appear. You can keep dubious IPs out and protect your site from falling prey to such attacks by blacklisting them using your dashboard.
But, don’t expect user IPs to remain constant. Unwanted visitors can access your site using a variety of IP addresses. They may reappear with fresh addresses even after you block them once.
That’s why we recommend sticking to one of the above options and blocking new, dangerous IPs.
If you want this procedure to be automatic and you don’t want to worry about security issues, you may choose a security solution that detects and blocks questionable IP addresses. You won’t have to worry about any attacks, and your website will be safe 24 hours a day, seven days a week.
We hope you found this post useful in learning how to block IP addresses in WordPress.