CPANEL setting up ALLOW and Deny on IP addresses / forcing HTTPS

Two changes to the .htaccess that are easy to implement and will improve the security of PHP websites.

If you have subdomains that you would like to restrict access to and they are running a PHP site. You can use the .htaccess file to allow or deny access.

A very uncomplicated way is if you have a particular site that you would like to ringfence why not just reduce access to it to one location… Your home..

require ip x.x.x.x
require ip y.y.y.y

You can also use this to allow or block entire countries

Block a country from your site

And if you would like to find out the IP address range required to block you can find that here.

The nice thing about this is that it works on subdomains. Using the CPANEL file manager just go into the subdomain find the htaccess file and block accordingly.


Force all of your pages to use HTTPS. To do this you will need to modify your .htaccess file (or create one if it doesn’t exist)

Using the Code Editor in the file manager, add these lines to the beginning of the .htaccess file

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]