How to block a specific IP or Hostname from accessing your web-site using htaccess

Recently I figured out that someone was accessing repeatedly a specific url of my web-site causing a huge amount of traffic which finally resulted to a warning from my provider for exceeding the available to me bandwidth. So, I had to block that someone.

There were two steps involved in this process:

1. Identify the offender
2. Block the offender

Identifying the offender was simple using the server logs which are being analyzed by webalizer (but any other similar tool would do).

Having identified the offender (I had the offender's host name) I had to ban it from the site.

My provider does not give me access to a httpd.conf (I am using shared hosting) so I had to use .htaccess file in the webroot of my site. Below are the steps I followed:

1. Create a .htaccess file in the webroot of your site (usually in /httpdocs)
2. In the .htaccess file add the following lines:

order allow,deny
deny from hostname.com
deny from xxx.xxx.xxx.xxx
allow from all

In the above replace the values in italics with the actual that you want to ban (tip: to get the ip address you can just ping the hostname and will resolve to the ip address)

Finally save the file and you should be ready.