Generally, you can use your .htaccess file to block access to your site from certain IP addresses. This can be an effective method of blocking attacks that originate from a specific location.
If you are running WordPress, you most likely already have an .htaccess file in your site’s directory structure. If not, you’ll need to create one.
To create a new .htaccess file, just make a new file and call it “.htaccess”. Note the dot at the beginning and nothing at the end.
To block an IP using .htaccess, add the IP to your file as follows:
Deny from 126.96.36.199
If you need to block a range of IPs, you can do that like so:
Deny from 123.123
Block multiple IPs by providing a list of IPs to block (separated by spaces, not commas):
Deny from 188.8.131.52 184.108.40.206 333.333.333.333
You can get more advanced than that with regular expressions and other .htaccess tricks. Check out the following article for more advanced examples: