How to add a blacklist to Apache2 and block IP Addresses on the whole server

Posted on
Create a blacklist in Apache2 and block IPs for the whole server

Block out strange visitors IP addresses with a Apache2 Blacklist.

Sometimes one find’s some strange visitors coming to their websites. These strange visitors may or may not identify them selves with a 1995 type display resolution of 1024 by 768 while pretending being an iPhone. Very strange. Such visitors are not real users and them visiting my sites is not my intention. Therefore I have applied a little Blacklist which blocks IP addresses on the whole server.

How to implement a Apache2 Blacklist

Now let me explain the little steps to implement such a IP blacklist for Apache2.

First you need to create a configuration file in /etc/apache2/conf-available

nano /etc/apache2/conf-available/ip-blacklist.conf

and past in this content into it:

<Location />

order allow,deny

#Blacklisted IP's
#deny from

# allow everyone else in
allow from all


and to block an IP address, you just enter a new line below #Blacklisted IP’s with “deny from IP ADDRESS”. Save the file and enable the blacklist and reload Apache2 with:

a2enconf ip-blacklist
service apache2 reload

And your blacklist is in place and effective now.

How to create a Blacklist in Apache2 to block IP addresses
How to create a Blacklist in Apache2 to block IP addresses

Is there a blacklist file?

There are many IP Blacklists for blocking certain IPs, Networks and Subnetworks. I found a Blacklist on Github, blocking many many networks. But to avoid blocking out real visitors, I would recommend to block IP addresses one by one.

Related Articles
This tutorial is mainly written to help enthusiasts in Kenya to setup their own web server with Digital Ocean and host a WordPress blog on Read more
Firefox's tracking protection is, by default, only enabled in "Private Browsing". But there is a switch that allows you to enable Tracking Protection permanently. Just Read more
Just an idea how you could create SSL certificates using Let's Encrypt for your clients mail domains in ISPConfig and have it being delivered via Read more
In case you, for some reason, have troubles getting SSL certificates for your site in ISPConfig, then the reason for this problem is might not Read more
Expand the Storage for a client in ISPConfig, with Digital Ocean's Block Storage dynamically and within just a few minutes.
Leave a Comment / What do you think?

Your email address will not be published. Required fields are marked *