Managing IP Blocker in cPanel
cPanel’s IP Blocker (also called IP Deny Manager) allows you to block specific IP addresses or IP ranges from accessing your website. This is a useful security tool for preventing unwanted traffic, stopping brute-force attacks, or blocking known malicious visitors.
Accessing the IP Blocker
- Log in to cPanel.
- Navigate to the Security section.
- Click on IP Blocker.
Blocking an IP Address
- In the Add an IP or Range field, enter the IP address or range you want to block.
- Click Add.
The IP address is immediately blocked from accessing your website.
Supported Formats
You can enter IP addresses in several formats:
| Format | Example | What It Blocks |
|---|---|---|
| Single IP | 192.168.1.100 | One specific IP address |
| IP Range (CIDR) | 192.168.1.0/24 | All 256 IPs from 192.168.1.0 to 192.168.1.255 |
| IP Range (Implied) | 192.168.1.0-192.168.1.255 | All IPs in the specified range |
| IP Range (Implied Class) | 192.168.1. | All IPs starting with 192.168.1 |
Viewing and Removing Blocked IPs
Below the “Add an IP or Range” form, you will see a list of Currently-Blocked IP Addresses. For each entry:
- The blocked IP or range is displayed.
- Click the Delete button next to an entry to unblock that IP.
- Confirm the removal when prompted.
When to Use IP Blocker
- Brute-force attacks: If you notice repeated failed login attempts from a specific IP in your server logs, block it.
- Spam or abuse: Block IPs that submit spam through contact forms or comment sections.
- Scraping: Prevent bots from an identified IP range from scraping your website content.
- Geographic restrictions: Block IP ranges associated with regions you do not serve (though a CDN or application-level solution is better for large-scale geo-blocking).
- Security incidents: Immediately block IPs identified in security alerts or intrusion attempts.
How It Works
When you block an IP through cPanel’s IP Blocker, it adds a Deny directive to your .htaccess file (on Apache servers). For example:
deny from 192.168.1.100
Visitors from the blocked IP will receive a 403 Forbidden error when trying to access your site.
Important Notes
- Do not block your own IP address. If you accidentally lock yourself out, you will need to remove the entry via FTP, File Manager, or by contacting your hosting provider.
- Blocking large IP ranges may unintentionally block legitimate visitors. Be as specific as possible.
- The IP Blocker works at the web server level. Blocked visitors can still attempt connections to other services (FTP, email) unless those are blocked separately at the firewall level.
- For persistent or large-scale attacks, contact your hosting provider — they may have server-level firewall tools (such as CSF or ConfigServer Firewall) that are more effective.
- To find which IPs to block, review your access logs or error logs in cPanel under the Metrics section.
IP blocking is one layer of a comprehensive security strategy. Combine it with strong passwords, updated software, ModSecurity, and regular monitoring for the best protection.