.htaccess – Deny IP & Block IP Range

The .htaccess file is a configuration file for the Apache web server, that can be used to restrict access to a web-site from a specific IP or a range of IP addresses.

In this note i will show how to deny access from one or several IP addresses via .htaccess file and how to block access from a range of IP addresses or from entire subnets.

Cool Tip: Redirect a website to a maintenance page via .htaccess! Read more →

Deny Access by IP

To deny access from a specific IP address, add this line to .htaccess file:

Deny from <ip-address>

Block access for several IP addresses:

Deny from <ip-address> <another-ip-address>
- or -
Deny from <ip-address>
Deny from <another-ip-address>

Restrict access from a subnet:

Deny from <ip-address>/<subnet>
- e.g. -
Deny from

To block a specific IP range you would have to represent it as a set of subnets, that can be easily done using IP Range to CIDR calculator.

For example, to block the IP range from to, you should deny access from these subnets:

Deny from
Deny from
Deny from
Deny from
Deny from
Deny from
Deny from
Deny from

IP ranges in .htaccess can also be blocked using a wildcard, e.g.:

Deny from*
Deny from 192.16.*.*
Deny from 192.16

IPv6 addresses can be blocked via .htaccess similar to IPv4:

Deny from fe80::1ff:fe23:4567:890a
Deny from fe80::1ff:fe23:4567:890a/10
Deny from fe80::1ff:fe23:*:*
Deny from fe80::1ff:fe23
Was it useful? Share this post with the world!

One Reply to “.htaccess – Deny IP & Block IP Range”

  1. how i can block host? same way as IP?

Leave a Reply