· Tutorial ·

Blocking web access via .htaccess

In this manual we will explain how to deny access to someone on our website by editing the .htaccess file.

Connect via FTP to the "/data/web/" directory and edit the ".htaccess" file.

info The ".htaccess" file is hidden. If you do not see it, you should enable the option to view hidden files in your FTP client. You may also need to create it.

Next, add the lines of code we specify according to the needs of your web page.

Deny access to a specific IP address

With this first code, you will be able to block access to a user by their specific IP address. This way, when the user wants to connect, he will be shown a 403 Forbidden error:

deny from

You may need to block an entire IP block (we do not recommend this). To do this you must leave the last octet unspecified, thus denying access to anyone with that IP in the range to

deny from 173.236.241.

Allow access only to a specific IP

If, on the other hand, what you need is that nobody can access your website, but you or someone must be able to see it to work on it, you can block access to all IPs except one in particular with the following code:

order deny,allow
deny from all
allow from <TU_DIRECCION_IP>

Deny access to a specific domain

With this we will make it so that anyone connecting to your site from a specific domain, for example "www.swmanuales.com", will not be able to access it. There are three ways to do this:

403 forbidden

If someone clicks on a link on swmanuals.com that redirects to your site, they will see a 403 Forbidden error:

SetEnvIfNoCase Referer "swmanuales.com" bad_referer
Order Allow,Deny
Allow from ALL
Deny from env=bad_referer

500 internal server error

A 500 Internal Server Error will be displayed to deny any web requests redirected from the swmanuales.com domain:

RewriteEngine on
RewriteCond %{HTTP_REFERER} swmanuales\.com [NC,OR]
RewriteRule .* - [F]

Redirect to google.com

This code redirects any visitor from the URL http://swmanuales.com to the URL http://www.google.com:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://swmanuales.com/
RewriteRule /* http://www.google.com [R,L]

Deny access to files

With this code we will deny access to any file with the extension we specify. Instead of displaying the content, you will see a 404 error. *In the example, the code forces any file ending in .inc to give a 403 error when visited:

<Files ~ "\.inc$"> 
Order Allow,Deny
Deny from All

Deny access to "hidden" files

Hidden files such as .htaccess, are those files that begin with a dot ".". These types of files are not visible to visitors. You can recursively deny all access to all files by putting the following code at the top of your .htaccess:

RedirectMatch 403 /\..*$

Deny access to directories

If you do not have an index file in your directory, all your files are listed in a directory listing for anyone to see. Usually, we always have an "index.html or index.php" file in our service, but we may need to deny access for security reasons. You can deny access to a particular folder or directory with the following code so that when a visitor accesses the directory list it gives a 404 Forbidden error:

Options -Indexes

Deny access to a specific directory

If you have a specific directory that you do not want users to access, you must use the following code. We will put for example that the directory that we want to block is called "swmanuales":

RewriteEngine On
RewriteRule (^|/)swmanuales(/|$) - [F]

Deny access during a specific time of the day

This way we will deny access to our website during a specific time of the day. We can specify one or several hours.

Example, specifying not to allow access from 15:00 to 15:59:

RewriteEngine On
# Si la hora es 15 (3 PM)
RewriteCond %{TIME_HOUR} ^15$
# Negar todos los accesos
RewriteRule ^.*$ - [F,L]

Example, specifying that access is not allowed from 15:00 to 16:59 and from 6:00 to 7:00:

RewriteEngine On
# Si la hora es 3 PM o 4 PM o 6 AM
RewriteCond %{TIME_HOUR} ^15|16|06$
# Negar todos los accesos
RewriteRule ^.*$ - [F,L]