The .htaccess file is a hidden text file within your hosting account that can be very powerful. It is designed so that you can modify it to change the behavior of your website that normally would take higher access beyond your account. It acts as a liason between your domain and the server and can perform many functions.

The cpanel has an IP blocking mechanism to help you secure your site from individuals who you deem suspicious or malicious. This works fine for a single IP or even a handful. It is not advisable however, if you want to block an entire country.

Many people want to block certain countries for different reasons. Some coutnries are more notorious for having hackers or spammers. Other people want to block a country simply because they do not do business with them. In any case, you can set the code within the htaccss file to block the IP ranges of certain countries. Follow the instructions below to perform this task.

Blocking a country from accessing your site via htaccess

  1. First you will need to collect the data. You want to find a reliable list of IPs for the country you want to block. Doing a search, we find that you can get your deny list generated at IP2Location's free visitor-blocker generator. Using this tool will let you download a text file with the code needed to block a country. In our example, we randomly chose Algeria. The output format we chose is the Apache .htaccess deny. Follow the steps to download your file.
  2. Open your file in the text editor of your choice and highlight and copy the information in the file.
  3. Next, we will need to log into your cPanel to access the htaccess file.
  4. Find the Files category and click on the File Manager icon.
  5. A popup box will appear. For the primary domain, click on the Web Root radio button. For addon domains, click on the dropdown and find your desired addon domain name. Be sure the checkbox next to Show Hidden Files is checked. Click the Go button to enter the File Manager.
  6. You should now be in the root folder of the domain you chose. Look for the .htaccess file and right click on it. This brings up a menu. Find and click on the Edit option. If you get a popup box, simply find and click the Edit button in the lower right corner to continue to the editor.
  7. You are now in the htaccess editor. Paste your code into your htaccess so that it forces the visitor to download that type of file.The code should be formatted similar to that below but be much longer. Some countries like China and the US can have thousands of lines in their block code
    <Limit GET HEAD POST>
    order deny,allow
    deny from
    deny from
    deny from
    allow from all
  8. Be sure to hit the Save Changes button in the upper right corner to save your new htaccess configuration. Now any IP from those ranges are now denied access to your site.
Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve our Support Center:
Email Address
Optional, but our team may contact you for more information.
Like this Article?


Post a comment
n/a Points
2014-03-01 12:17 pm

I am new to this but I think I understand.  I have been entering the IP's one by one into the Domain Deny Manager so when I looked a the htaccess file I could see my list. This has been alot of work.  Should I delete these and start fresh, or just add the list of IP's to this list which I generated to the ones alreay there.

Before I do this the pop up box advises I sould back up my existing file first.  Where should I do this?  Should I make a new file on the left side of the screen called BackUp and put the original in there?

Thanks for the help.

4,112 Points
2014-03-03 10:43 am
It is always a good idea to back up your files before making any changes. The easiest way to do so would be to copy the file as a different file name such as .htaccess.old.

Post a Comment

Email Address:
Are you a bot?

Please note: Your name and comment will be displayed, but we will not show your email address.

Write New!
Do you want to publish a tutorial to our support center?

News / Announcements

SSL Certficate Warnings
Updated 2014-04-14 11:34 am EST
Hits: 2220
Heartbleed 0-day OpenSSL security bug
Updated 2014-04-14 04:43 pm EST
Hits: 5641

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?


Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail:
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!