Block unwanted visitors using their IP address on your Joomla site?

Sometimes you need to block a certain IP address, a group of addresses or certain hosts from accessing your Joomla website. Reasons may include:

  • It's a hacking attempt coming from that IP
  • Someone is scraping content from your website
  • A brute-force attack (in most cases a DoS - Denial of Service - attack) originates from that IP (there are too many requests coming from a particular IP)
  • Someone is continuously spamming your website
  • Some content from your site (images, media files) is being hotlinked from your website.

The solution is simple, but you are advised to try other tools first to stop these bad guys: overuse of this tip can slow down your site considerably. Use it only if you don't have anything else, or if you are in a hurry to stop an ongoing attack.

This tip is a somewhat simplified and detailed application of an older tip (Enhance your security with .htaccess rules). It is not complicated at all; all you need to do is the following:

  • Connect through FTP to your website
  • Download the file called .htaccess, or create a new one if you don't already have one in your WEBROOT
  • Add the following lines to the .htaccess file:
    order allow,deny
    deny from 70.80.121.123
    allow from all
    
  • Now let’s assume that you are being attacked by more than one IP; here’s what you should do:
    order allow,deny
    deny from 70.80.121.123
    deny from 60.80.23.44
    allow from all

  • Now let’s assume that you are being attacked by a range of IPs, for example, all the IPs that start with 72.68.121; here’s what you should do:

    order allow,deny
    deny from 72.68.121
    allow from all
    
  • Now let’s assume that you are being spammed/hacked by a small ISP, and you decide that you don’t want any traffic coming from that particular ISP; here’s what you should do:
    order allow,deny
    deny from badisp.com
    allow from all

Now the question remains: how do you know which IPs are spamming you? This is very easy: check your log files and see whether there are repeated requests from the same IP.
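
One way to do the log check described above, as an added example that is not part of the original tip: it counts requests per IP in an Apache access log and prints a deny block in the syntax shown earlier. The function names, the `threshold` and `allowlist` parameters and the sample log lines are assumptions made for this illustration.

```python
import ipaddress
import re
from collections import Counter

# Apache "combined"/"common" access-log line; group 1 is the client field.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} ')

# Constructed sample log (documentation-range IPs, not real traffic).
_FMT = '{ip} - - [10/Mar/2024:10:00:{s:02d} +0000] "POST /index.php HTTP/1.1" 200 512 "-" "-"'
SAMPLE_LOG = "\n".join(
    [_FMT.format(ip="203.0.113.7", s=s) for s in range(5)]      # noisy client
    + [_FMT.format(ip="192.0.2.10", s=s) for s in range(5)]     # your own IP
    + [_FMT.format(ip="198.51.100.20", s=s) for s in range(2)]  # normal visitor
    + ["truncated line", _FMT.format(ip="not-an-ip", s=0)]      # junk entries
)


def count_requests(log_text):
    """Count requests per client IP, skipping malformed lines and non-IP clients."""
    hits = Counter()
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue
        try:
            ip = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # never copy an unvalidated log field into .htaccess
        hits[str(ip)] += 1
    return hits


def build_deny_block(hits, threshold, allowlist=()):
    """Return .htaccess lines (the syntax used above) for IPs at or over threshold."""
    offenders = sorted(
        (ip for ip, n in hits.items() if n >= threshold and ip not in allowlist),
        key=lambda ip: (-hits[ip], ip),
    )
    if not offenders:
        return ""
    return "\n".join(["order allow,deny"] + [f"deny from {ip}" for ip in offenders] + ["allow from all"])


if __name__ == "__main__":
    counts = count_requests(SAMPLE_LOG)
    for ip, n in counts.most_common():
        print(f"{n:5d}  {ip}")
    print(build_deny_block(counts, threshold=5, allowlist={"192.0.2.10"}))
```

Put your own address in the allowlist so a busy admin session does not lock you out. The `order`/`deny`/`allow` directives are Apache 2.2 syntax; on Apache 2.4 they only work when mod_access_compat is loaded.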