Need help? Call us on 1300 789 260

Blocking access via a .htaccess file

Difficulty: Intermediate


Access to your hosting via Plesk or FTP.


If you want to block access to a directory on your website or to all of your website, you can do this via a simple Apache .htacess file. This file allows you to override some of the default Apache settings, including the Apache Access Control via the Allow / Deny statements.

This can be useful when you immediately want to block access, for example when you have a plugin and/or part of your website compromised.

Block Everyone

To block access, create a .htaccess file in the directory you want to block. If it's the entire website, this is the "httpdocs" directory. This will apply to all subdirectories as well. Add this to the .htaccess:

Deny from all

Every URL will now return a "403 Forbidden" error message to the browser.

Block Everyone Except your IP

If you want to restrict access to the admin area of your site via IP, this can also be done via the .htaccess file. Examples are the administrator directory for Joomla and the wp-admin directory for WordPress. Create a .htaccess file and add the following:

Order deny,allow
Deny from all
Allow from <YOUR_IP_ADDRESS>

If you don't have a static IP, you'll need to update this file every time the IP changes for your Internet connection.

You can read more information on the Apache site here .

Was this article helpful? Yes No

Having trouble? We’re here to help!

We’ve built our company with a serious focus on quality service. Feel free to give us a call!

1300 789 260