Foreign IP addresses sometimes host malicious attempts to hack or otherwise access web sites. One way to block hackers, scammers and others with malicious intent from your website is to block IP addresses. Administrators can use the .htaccess file located within their server's top-level directory to block a single foreign IP address or entire ranges of IP addresses.
Determine which foreign IP addresses you want blocked. Websites such as IPdeny and Country IP Block provide listings of IP addresses compiled from regional Internet Service Providers (ISPs).
Locate the ".htaccess" file in your server's directory. It is normally in the higher-level directories such as "/www/htdocs/.htaccess". Use a text editor to open the ".htaccess" file.
Copy the following and paste it to the ".htaccess" file:
order allow,deny deny from "x" deny from "x" deny from "x" allow from all
"X" represents the foreign IP address you want to block (for example, "192.168.22.132"). To block a single IP address, enter the address in place of the "X". To block a range of IP addresses, enter the IP address in place of the "X", but leave off the two sets of digits at the end. A range-blocked IP address should look like "192.168."
Save the edited ".htaccess" file and load it onto your server. Go to your website and make sure there are no server errors. If you want to make sure the edited ".htaccess" file is working, you can use a proxy with the same IP address or range as the ones you blocked and try to access the website.
Back up your “.htaccess” file before making any changes to it. Any errors in the file will result in a “Server Error 500” message when you access your website.