How To Block An IP Address & How To Stop Hackers

How To Block An IP Address & How To Stop Hackers

How To Stop Hackers Dead In Their Tracks

In this tutorial, I will show you how to block an ip addresses, search engines and bad websites. The reason you want to do this is to stop them from stealing your passwords, credit cards your content, injecting malware or deleting your whole website altogether. A bad bot can that come from these ip address can flood your website with unnecessary requests (DdoS Attacks), which can cause issues with your hosting account, hacking into your site and just downright take your whole website down.

So what can you do? Well you can simply stop these bad boys right in their tracks; BLOCK THEM. I’m going to show you how to block them by entering a piece of code in your .htaccess file.

There are three ways to block them using htaccess: blocking by ip address, the website they are coming from and by search engine. Yes search engines misbehave too. You do have those Fake Crawlers that will use the name of Bing, Google, Baidu, etc. BUT before you block, make sure these are actual fake crawlers. You don’t want to block the real search engines, thinking they are fake. So let’s get started.

You’re going to need access to your cPanel Dashboard and as always make sure you backup your website

Now that we are in your cPanel, let’s walk through blocking the actual ip address first. now there

Block IP Address From Website

  1. Scroll down, click on file manager and make sure the site you are working on is selected. Click show hidden files and click go. Find your .htaccess file, click on it and click edit at the top and edit again. To block by ip address, just add this piece of code below. Make sure you replace the ip address with the one you are blocking.

“deny from 123.123.123.123”

This code should be added right before the words “#end WordPress” and click save.

How To Block A Search Engine

  1. To block by search engine, just repeat step one. Scroll down, click on file manager and make sure the site you are working on is selected. Click show hidden files and click go. Find your .htaccess file, click on it and click edit at the top and edit again. To block search engines, just add this piece of code below. Make sure you replace the code with the misbehaving search engine.

DON’T BLOCK GOOGLE, BING OR ANY OTHER REAL SEARCH ENGINES! ONLY BLOCK FAKE BOTS, HACKER SITES AND MALICIOUS SITES.

 

JOIN SMAZZIT FOR MORE WORDPRESS HELP FOR BUSINESS OWNERS

 

“RewriteEngine On

RewriteCond %{HTTP_USER_AGENT} ^.*(Baiduspider|HTTrack|Yandex).*$ [NC]

RewriteRule .* – [F,L]”

This code should be added right before the words “#end WordPress” and click save.

How To Block A Website

  1. And lastly to block a bad website, repeat step one again with different code. Scroll down, click on file manager and make sure the site you are working on is selected. Click show hidden files and click go. Find your .htaccess file, click on it and click edit at the top and edit again. To block a bad website, just add this piece of code below. 

“RewriteEngine On

RewriteCond %{HTTP_REFERER} example\.com [NC]

RewriteRule .* – [F]”

and click save.

Make sure you replace example.com with the bad website you are blocking!

BONUS!

4. Now here is one more thing, if you want to just temporarily block a search engine , including Google or Bing, while you are running an advertising campaign, temporarily use this code,

“ErrorDocument 503 “Site temporarily disabled for crawling”

RewriteEngine On

RewriteCond %{HTTP_USER_AGENT} ^.*(bot|crawl|spider).*$ [NC]

RewriteCond %{REQUEST_URI} !^/robots\.txt$

RewriteRule .* – [R=503,L]”

and click save.

NOTE: I wouldn’t suggest leaving this temporary code in your .htaccess file for longer than 2 days. 

#wordpress #wordpress2019 #howto

Here is a list of Bad Websites

See the rest at kloth.net bad websites

BLOCK THIS MALICIOUS WEBSITE 203.133.170.53

 

76.10.155.74 – 76-10-155-74.dsl.teksavvy.com2007-10-25EasyDL/3.04 http://keywen.com/Encyclopedia/BotNWhat is this, another content scraper?
65.55.165.52 – bl2sch1081918.phx.gbl2007-10-24Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322)NA bot from Microsoft, following the msnbot, polluting the logs with fake referrals like http://search.live.com/results.aspx?q=stuff&mrt=en-us&FORM=LIVSOP. Apparently a very shady black-hat operation, using various IP addresses 65.55.165.0/24, a bot mascerading and hiding behind a user browser UA string, polluting logs statistics by sending fake traffic pretending to be user search traffic from search.live.com. Very rude and annoying. They can’t even get their RDNS PTR records right. Well, it’s Microsoft as we know them.
207.96.148.8 – —2006-05-05Mozilla/4.0 (compatible; MSIE 5.0; Windows NT)Nunknown bot, hosted by rdprm.gouv.qc.ca, PQ, CA.
209.237.238.230 – —2006-05-03Nunknown bot of alexa.com, US. Weird operation, does not respect the robots standard, as an unknown bot (empty UA string) can not be dis-allowed. Sending an anonymous bot from non-resolving IP addresses with no associated PTR records does not add to profesionalism and trust.
209.237.238.235 – —2006-04-21N
209.237.238.224 – —2006-04-10N
64.15.129.5 – ip-64-15-129-5.reverse.privatedns.com2006-05-02http://www.picsearch.com/bot.htmlNunknown bot, 69.46.0.142 hosted by NOC4HOSTS, US. Content harvester with faked UA ?
69.46.0.142 – —2006-05-02http://www.picsearch.com/bot.htmlN
66.90.110.192/22 – —2006-05-02T8Abot/v0.0.7-beta (3724461@gmail.com)Nunknown bot, hosted by FDC Servers, fdcservers.net, US. Massive operation using many IP addresses (66.90.110.199 … 66.90.110.254)

6 Comments

  • Kate Posted November 9, 2019 12:04 pm

    Hey Pat, how are you?

    Thank you so much for this information, I believe that having your website hacked is the worst nightmare for an Admin (besides Google Ads send you the famous message), I’m extremely aware of it, so thank you so much. A quick question: How do you know a website is bad to block it, the same question for search engines? Thank you

    • Pat Johnson Posted November 9, 2019 1:35 pm

      Hello Kate, there a few ways you can tell to tell which bad websites to block.
      First, your hosting dashing board shows you your usage stats in 2 hour and 24 hour processes, and if you notice the usage is way higher than usual and you are not running a campaign, something is going on. Also the usage goes from the color green, yellow and orange. With that being said, if the color is in the yellow and orange color, someone may be continuously trying to hack your website or send so many executions to bring your website down. And sometimes your hosting company may catch this and send you and email, plus ask you to block that website or ip address.
      Second, there are plugins that will let you see who is on your website in real time by the ip address, the country and search engine. If you see the same exact ip address going through some of your pages most customers don’t visit like pages number 2, 3 and so on, and they keep doing this, someone is looking for a way to get in. Formilla Live App does a great on letting you know whose on your website in a live manner. Crazy Egg Heat maps and Hotjar are also heat maps that will give you this information in real time. It’s the same thing for search engines.

  • Etienne Posted November 9, 2019 12:09 pm

    Hello Pat,

    I’m managing few websites together, and I have so many malicious & suspicious bots that visit my website almost daily, so it takes time for me to go through each one manually, I was wondering if there’s a plugin I can install that could do this job, instead of going through it manually Thank you

    • Pat Johnson Posted November 9, 2019 1:37 pm

      Yes there are Etienne, there are plugins that will let you see who is on your website in real time by the ip address, the country and search engine. If you see the same exact ip address going through some of your pages most customers don’t visit like pages number 2, 3 and so on, and they keep doing this, someone is looking for a way to get in. Formilla Live App does a great on letting you know who is on your website in a live manner. Crazy Egg Heat maps and Hotjar are also heat maps that will give you this information in real time. It’s the same thing for search engines.

    • Pat Johnson Posted November 9, 2019 1:45 pm

      Yes, there are plugins that will let you see who is on your website in real time by the ip address, the country and search engine. If you see the same exact ip address going through some of your pages most customers don’t visit like pages number 2, 3 and so on, and they keep doing this, someone is looking for a way to get in. Formilla Live App does a great on letting you know whose on your website in a live manner. Crazy Egg Heat maps and Hotjar are also heat maps that will give you this information in real time. It’s the same thing for search engines.

  • Kelly R, Posted November 9, 2019 8:49 pm

    This was fantastic information. I am a new website owner and I know as my website grows, security needs to become more of a priority. I have been exploring my options and I want to make sure my site is completely protected from hackers. I know there are all over online and it is imperative that I get my security measures maximized.

Add Comment

Your email address will not be published. Required fields are marked *

Omar-V-Google-Review.png

This was great training. It helped me since I’m just a humble garbage man that knows nothing about such things.Very thorough but not overwhelming. Highly recommend these professionals.

Territa-Reynolds-Smazzit-Customer-e1560586017260.jpg

I just learned how to build my own WordPress website from scratch, which is crazy. For months I had been looking for someone to build a site for me, but I couldn’t afford it smh. And to learn all this on my own, I never dreamed I could do this. The way everything was broken down in this course made it so easy.

Alex-Ahmed-Ragab-Smazzit-customer.png

Very helpful sessions ! Patricia was great in teaching me about search engine optimization and how to let my website grow !