Hello.
There is someone who keeps on coming on my website and making strange searches.
Is there a way that I can block its IP from coming to my website?
Can I ban an IP and how can I do it?
Thank you!

Comments

JohnForsythe’s picture

Basically, you can use .htaccess to deny their IP. I wrote an article about this just a few weeks ago, take a look.

--
John Forsythe
Need reliable Drupal hosting?

scatteredbrainV’s picture

Thank you!
Very interesting article!

scatteredbrainV’s picture

What if my drupal installation doesn't have an .htaccess file? Can I insert those few lines of code in the robots.txt file?
Or is there another option?
Thanks!

r0g’s picture

Drupal should install with a 4kb .htaccess file. This is important for security and cleanURLs. Are you sure you don't have this?

You can ban IPs directly from c-panel (if you have c-panel)

Regards,

Roger Heathcote - www.technicalbloke.com

JohnForsythe’s picture

It won't work in robots.txt. You could create a new file called .htaccess and put it in there.

The best solution, however, is to download Drupal again and copy the .htaccess file over. As mentioned, it has some important stuff in it.

--
John Forsythe
Need reliable Drupal hosting?

scatteredbrainV’s picture

Strangely enough for me, the .htaccess file results in my backup version of the same site online. I wonder whether my host strips it away...
Anyhow, I updated the backup version of the .htaccess and I banned that IP, and then uploaded it. I'll wait and see if it works.
Thank you!

mooffie’s picture

Another possibility is to do that in Drupal itself: q=admin/user/rules

scatteredbrainV’s picture

I set the deny option on the IP in the Access Rules section.
Let's see if it works.
BTW, the .htaccess file has been delited from my server, again.

mooffie’s picture

>
> BTW, the .htaccess file has been delited

Perhaps the software you're using to browse that folder is configured not to show files whose name begins in '.' (dot)? These are considered "hidden files". Create some other file beginning in a dot and see if it gets "deleted" too.

>
> [...] on the IP in the

People don't always have a fixed IP. You may need to use wildcards to ban a wider network. But remember to remove this ban after a few days.

scatteredbrainV’s picture

Thank you mooffie.
I tried the option "Show hidden files" but it did not display the .htaccess file.
Anyway, I noticed that the IP I banned has always been the same performing that search, so I used the access rules and denied that IP.
Till now, it seems like it is working.
Thank you.

francewhoa’s picture

Loving back your Drupal community result in multiple benefits for you