As is known to all, WordPress is one of the most widely used and popular CMS and website building tools since now. As researched in February of this year, this script is used by more than 27.5% of the best 10 million online platforms. This great number indicates the popularity of it. But also, it means that the WordPress based websites are the main targets of hackers. To avoid the potential dangers, you should generate the shield for both the front-end and the dashboard of your website. For this, we’d like to tell you how to ban IP address in WordPress for the better security.
Why You Should Ban Some IPs
Actually, the IP address is 4 parts of numbers that are ranging from 0 to 225. Each computer has the exclusive IP address based on the internet service provider. In this case, no matter who visit your website, their IP addresses can be stored in the access log files of your site. If you find some of these IP addresses do the following things bad to your website, you can consider blocking them from accessing your website.
- Access your WordPress admin panel at the certain interval without your permission.
- Always leave the spam comments on your website.
- Always send you the spam emails.
- Always perform the hacking attempts or the DDoS attacks.
Ban IP Address in WordPress Manually
Before blocking the suspicious IP addresses, you firstly should find out them. If you only want to get the IPs that leave the bad comments on your site, you can check the Comments section from the admin. After all, WordPress will store the information automatically.
To ban them, you can enter the Settings > Discussion area. In the Comment Blacklist section, you just need to list these bad IP addresses into the block properly.
But actually, the easiest method is to make use of your cPanel control panel. Within the cPanel, there is a Raw Access Logs area. Click it.
In the next page, you need to hit your domain name to download the file that contains all the IP addresses accessing your website. Note that the file is of the .gz format. After processing it, you can open the access log file using the Notepad.
Now, you can check all the IP addresses that access or perform some practices on your website. And then, you should focus those trying to enter your admin or accessing your website repeatedly within a short time. If you are not sure whether the IP address should be blocked or not, you can check the IP Finder platform to check out whether the IP has been blacklisted by other webmasters.
To block the suspicious ones, you can open the cPanel again and click the IP Block button from the Security area. Here, you can enter the exact IP address or the IP range you want to ban. And then, you can click the Add button.
Here, you need to make sure that you have not banned the IP addresses of your registered users and even search engines.
Ban IP Address in WordPress Using Plugins
It is possible that you do not have the cPanel to manage and to control your WordPress site. If so, you can make use of the related plugins.
The IP Ban plugin is a simple security plugin. With it, you can protect your website from checking by some unwanted IP addresses easily. Also, you can block the user agents and some unwanted crawlers if you want. This can improve the website security, along with saving your bandwidth.
Here, you simply need to add the IP addresses in the text area.
In addition, if someone access your website via the blocked agents or the IP addresses, you can choose to redirect them to the pre-determined URL if you want. Note that you can choose not to redirect the logged in users.
The WP Ban plugin works the same way as the previous one. However, it allows more freedom to you for blocking the IP addresses.
After entering the Settings > Ban section of your WordPress admin panel, you firstly can learn the details of your website, including the IP, the host name and the agent. This can prevent you from blocking yourself.
And then, you can ban the blacklisted IP addresses, IP ranges, host name, referrers and user agents easily from the corresponding blocks. Below all the blocks, you can check the statistics for all the banned IPs. Here, you can know how many times these blocked IP addresses are looking to access your website.
The best part of this plugin is that you can display the banned message if you want. The message includes some key variables, such as your website name, URL, user IP and user attempts. You can modify the message freely or restore to the default template based on your needs.