block an IP address in WordPress

3 ways to block an IP address in WordPress

Learning how to block and IP address in WordPress is something every CMS manager should learn. Managing a WordPress website can be fun, all the features are built to make the process easy and there is so much you can do with them. But if you have been managing a busy website for some time, you will have likely come across a spam account or some other kind of offender. What do you do?

The process to block an IP address in WordPress is straight forward and it will seriously help boost the security of your website and to a limited extent, your search engine optimisation (SEO). In this blog post, we are going to cover three different ways that you can block an IP address in WordPress with ease.

Let’s first start with some reasons to be doing it.

Why do you need to learn how to block an IP address in WordPress?

There are a number of reasons why you might need to do this, but the main reason is security. Probably the most harmless reason is to restrict the access someone has to your website. This might be because they had access to the backend to develop your website and now you no longer want them to be able to change anything.

Another reason could be that your website has become the victim of Direct Denial of Service (DDoS) attacks. Finally, you might be running a popular blog and you are receiving spam posts.

The latter could negatively affect your SEO because it will chase new readers away, lowering the traffic to your website. Google will pick up on this and it could be what knocks your blog off from number one on the search engine results page (SERP).

Can serious threats avoid IP blocking?

Unfortunately, the answer is yes. There are a number of ways to get around an IP block on a website. In most cases, this will not be an issue for your WordPress website. A serious threat can change its IP address or use IP spoofing to appear as though there are different IPs.

To protect yourself from a more serious threat, you need to exercise a stronger security solution.

How to block an IP address in WordPress.

Before we dive into how you can block an IP address in WordPress, ask your hosting provider if they have any IP blocking services. Many hosting providers will supply the tools for IP blocking and some will be easier than the methods we will mention in this blog.

There are three main ways that you can find and block an IP address in WordPress that will discuss:

  • Manual blocking.
  • Plugins.
  • Editing your .htaccess file.

Manual blocking.

Manually blocking an IP address is only helpful for comments on your website. But if that is your only problem, then this is the only solution that you need. It’s quick and easy to do and you won’t need to install any additional plugins to your website. With this method, we are going to use the built-in tools that WordPress supplies to deal with spam and harmful comments.

To start, enter the Comments panel in your WordPress panel. This will display a list of all the comments on your website. Look down that list until you find the offending comment. Then, copy the IP address under the author’s name. Go to Settings and then to the Discussion screen in the back end. Find Comments Moderation and add the IP address to the text box. Finally, save your changes.

After you have done this, that user will no longer have the ability to comment on your website but they can still view it.


WordPress has plugins for almost every common problem. It’s what makes this content management system (CMS) so great. There is no exception when it comes to blocking an IP address either. You will likely find that many of the IP finding and blocking options will come with other security features too.

It’s important to note that you will likely have to get two plugins. One for finding the IP and another for blocking. Finding an IP address for a problem that is not in the comments section of your website is not something WordPress can do on its own.

To find the perfect plugin that won’t break your website, follow this guide: Don’t let your next plugin ruin your WordPress website.

Editing your .htaccess file.

If you have a dedicated development team to take care of your website, all you would need to do is ask them to ban the IP address in question. For this method, you will still need a way to find the IP address of the offender and confidence to edit the .htaccess file. So, if you don’t have help from a development team, then this is how you completely ban a user from your WordPress website.

Before you even start, make sure you back up your website, have skills in File Transfer Protocol (FTP), an FTP client and a way to read the .htaccess file. Without these, it would be way better to find a great plugin instead.

OK, now that we are at this point, let’s learn how to ban someone. Use your FTP client to access your server using the credentials listed within your hosting account. Then, make your way to your website’s WordPress installation and find the .htaccess file and open it.

Add this bit of code to the end of the file or on a new line, replacing the IP address with the one you want to block:

Order Allow,Deny
Allow from all
Deny from 168.212. 226.204

Finally, save your changes and it’s done. Whoever that IP address belongs to is gone. Use this power responsibly.

Get the best management and development for your WordPress Website.

Learning how to block an IP address is only the start of WordPress website management. Thankfully WordPress does what it can to make every stage as easy as possible, but they still take time and the know-how. Especially when things go wrong.

This is where the WordPress specialists at Web2Web come in. Our experience with WordPress has allowed us to know it inside and out. So, if something happens to your website, you can count on our team to fix it.

Don’t wait for problems to find you, solve them before they happen with Web2Web.