cPanel has an IP blocking mechanism to help you secure your site from individuals who you deem suspicious or malicious. This works fine for a single IP or even a handful. It is not advisable however, if you want to block an entire country using your .htaccess file.
People may want to block a country for different reasons. Some countries are more notorious for having hackers or spammers. Other people want to block a country simply because they do not do business with them. In any case, you can set the code within the htaccess file to block the IP ranges of certain countries. Follow the instructions below to perform this task.
Blocking a Country From Accessing Your Site via the .htaccess File
- First you will need to collect the data. You want to find a reliable list of IPs for the country you want to block. Doing a search, we find that you can get your deny list generated at IP2Location’s free visitor-blocker generator. Using this tool will let you download a text file with the code needed to block a country. In our example, we randomly chose Algeria. The output format we chose is the Apache .htaccess deny. Follow the steps to download your file.Note: If you cannot find the IP address to a specific set of countries, sites like countryipblocks.net offer this data for a fee.
- Open your file in the text editor of your choice and highlight and copy the information in the file.
- Next, log into your cPanel to access the .htaccess file.
- Find the Files category and click on the File Manager icon.
- You will then see your files listed, ensure you are set to show hidden files.
- Navigate to the Document Root directory for your website, locate the .htaccess file, and right-click it. This brings up a menu. Find and click on the Edit option.
- You are now in the File Manager file editor. Paste your code into your .htaccess file so that it forces the visitor to download that type of file. The code should be formatted similar to that below but be much longer. (Some countries like China and the US can have thousands of lines in their block code.)
order deny,allow deny from 220.127.116.11/23 deny from 18.104.22.168/32 deny from 22.214.171.124/32 allow from all
- Be sure to hit the Save Changes button in the upper right corner to save your new .htaccess configuration. Now any IP from those ranges will be denied access to your site.