Blocking visitors on WordPress with IP.

Aug 6, 2024 | WordPress

How to Block Visitors on WordPress Sites With IP Addresses

Are you looking for a method to enhance the security of your website? Do you want to do this by blocking IP addresses? Well, you are on the right page. This article will be your complete guide on how to block visitors on WordPress sites with IP Addresses.

IP address, also known as Internet Protocol, is a set of unique numbers assigned by your network provider to connect your system to the Internet. Whenever someone visits your website, their IP address is stored in your website’s access log files.

This also means that all the websites you visit store yours, too.

As your website’s traffic grows, you will often witness some unknown traffic trying to break into your website, which is often malicious. At first, the attack seems like nothing, but it can do much more harm than just barging in. Once the attackers find a way to enter your website, they can store unwanted files, redirect your visitors, or even deface them to blackmail you.

 So, you must block their IP address in order to keep your website’s data safe.

Reasons to Block IP Addresses on WordPress Sites

Reasons to block visitors on WordPress using IP addresses.

1. Enhancing the Security

The main reason to block visitors on WordPress sites with IP Addresses is the security threats to your websites.

The suspicious IP Addresses try to get unauthorized access to your website, attack it, and can also hack your website resulting in a data breach. Other forms of security threats include a DDoS attack, a malware attack, phishing, spam messages, etc.

The most common sign that your website is hacked is that it becomes extremely inaccessible to you and takes forever to load. For this reason, it is extremely important to make your website super secure by blocking such malware and unwanted IP Addresses.

2. Targeting Specific Audience

It might be possible you want to target a specific audience living in a specific region or country. And to avoid unwanted traffic to your website, it makes sense to block visitors coming from the IP Addresses of other countries or regions. Not only this, blocking these IP Addresses will help you reduce the bandwidth costs too.

3. Boosting Website Performance

Blocking IP Addresses should not only be linked to the security of the website, but it can also be used to optimize the performance of your website. This means you can block the traffic coming from known spammers. Blocking it will help reduce spam in comment sections and contact forms.

This way, you can keep your site clean and user-friendly.

Methods to Block Visitors on WordPress Sites With IP Addresses

IP Addresses can be blocked manually as well as by using an IP blocker. Before going into the methods to block the IP Addresses, you must identify the suspicious ones. Every website keeps a record of all the visitors on it, you need to look for anyone who has left irrelevant comments or spam messages.

There are 2 ways to identify unknown and suspicious IP Addresses:

1. In the WordPress Comments Panel

The easiest way to locate spam and malicious activity is to look in the comment section. To do so:

  • Head to the Admin Dashboard of your WordPress website and navigate to the “Comments” option.
WordPress Comments option.
  • This is the tab where you can find all the details about the visitors, such as the name, IP Address, Email, etc, who have commented.
Comments window in the WordPress admin area.
  • Now, start reading the comments and look for the suspicious and irrelevant comments here. For example, look for users whose names don’t match with their e-mails, randomly generated names and users who have posted external links. The ones with the external links are the main culprits without any doubt.
Noting down IP addresses in the comments window.
  • Note down the suspected IP Addresses to block them.

2. Get Into Your Site’s Server Logs

The above method is to identify surface spam but to track more sophisticated attacks; you need to study other factors, such as a sudden surge in the web site’s traffic or several failed login attempts. For this, you have to look in your server logs from your server account dashboard.

  • In your server account dashboard, go to the cPanel and find the “Metrics” option. Here, you will find a list of folders; look for the “Raw Access.”
  • Next, click on the domain name to download the access logs on your system.
Downloading Access Row Log.
  • The downloaded access logs are in the .gz archive file. Extract the logs from it.
  • Then open the log in Notepad. You will get to see all the IP Addresses that have made access requests to your site. Locate the IP Address that has been repeatedly sending the request. Note it down to block it.

Once you have identified the IP Addresses that you want to block, you can use either of these 3 methods.

Method 1: Blocking IP Addresses Manually in WordPress

You can manually block the IP Addresses from your WordPress dashboard. There is an option to blacklist suspicious comments from the comment section so that the commenter loses the ability to comment further on your website.

  • All you have to do is to navigate to SettingsDiscussions from the WordPress dashboard.
  • Once you open the Discussions tab, scroll down to find “Disallowed Comment Keys”. Now, paste the suspicious IP Addresses that you noted earlier in the given space.
Disallowed comments options to block visitors in WordPress using IP addresses.
  • Now click on “Save Changes” to block these unwanted IP Addresses.

Method 2: Using cPanel’s IP Manager/Blocker

Many hosting providers have the option to block the IP Addresses in the WordPress websites. Simply, you have to open the hosting account and block it using these steps:

  • Once you have logged in to your hosting account, head to the cPanel and navigate to the “Security” section. Here, you will find a folder named “IP Blocker”.
IP blocker option in the server cPanel.
  • Here you will see a space where you can either enter the IP Address that you want to block or even the range.
Adding IP addresses in the IP Blocker option.
  • After filling it, click on the “Add” button. Now this IP Address won’t be able to access your WordPress Website.

Method 3: Using a Security Plugin

The most common and easiest way to block IP Addresses is to use a security plugin. If you want to maintain the tight security of your WordPress website, install the All-In-One Security plugin. This is a free WordPress plugin that provides Login security tools to protect your websites from malware and other malicious attacks.

It comes with a Firewall that provides you protection from any kind of security threats. Using this plugin will even eliminate the need to identify the IP Addresses manually. Because it automatically identifies the suspicious IP Addresses and blocks them.

This is how you can use All-In-One Security (AIOS):

  • Head to the “Plugins” tab in the Dashboard’s menu and install the AIOS plugin.
Installing WordPress security plugin to block visitors using IP addresses.
  • Once this plugin is installed, you will get to see the new tab named “WP Security” in the menu.
WP Security options in the WordPress Dashboard.
  • Click on the tab and navigate to Firewall Settings → Blacklist tab.
Blocking visitors using IP addresses with a plugin.
  • Now add the IP Addresses in the space given for “Enter IP Address” and save settings.

Wrapping Up

Once your WordPress website starts growing, you will witness some digital threats around you. It is not necessary that you will get hacked or attacked, but prevention is better than treatment.

Your website is vulnerable if its security is not very strong. As it is live anyone can have access to it. So, it is essential to keep a close eye on two things: A surge in traffic or abnormal traffic to the website and irrelevant comments or spam. Because of these kinds of threats, it becomes crucial to block IP Addresses to keep the site clean and safe.

Other than security, blocking IP Addresses can enhance the website’s performance and speed. Blocking IP Addresses is not a very difficult task, you can either block it manually from WordPress’s dashboard or you can add a security plug-in.

Identify and block the suspicious IP Addresses today, and stay safe!

Posted By:
Vishvendra
Vishvendra believes in the keep learning process and applying those learnings into work. Other than technical writing, he likes to write fiction, non-fiction, songs, and comic ideas. He loves what he writes and writes what he loves. Search his name with "Nathawat," and you'll easily find him over the internet.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Divi Extended membership
WPMozo
Divi WooCommerce Extended