How to block IP addresses in cPanel IP Blocker

cPanel IP Blocker helps you deny website access for a specific IP address, range, or domain name. Use it when you detect repeated abusive visits, spam attempts, or traffic that you have clearly identified.

This block applies to web access for the site. If the problem is a distributed attack, malware, high resource usage, or a server firewall block, contact support so the full case can be reviewed.

Before you start

• Confirm the exact IP or range you want to block; do not use incomplete data.
• Have access to cPanel for the affected domain.
• Check that the IP does not belong to a legitimate service, such as a payment gateway, monitoring provider, or CDN.

Steps

Locate the IP you want to block

Review your logs, statistics, or security notices to identify the IP that is causing the problem. If it comes from a spam comment, form, or login attempt, copy only the IP address and avoid blocking full ranges without confirmation.

You can also ask support to help validate the IP if you are not sure. Blocking the wrong IP can prevent access for customers, collaborators, or external services.

Open IP Blocker in cPanel

Log in to cPanel and use the top search bar to type IP Blocker. In some Spanish themes, it may appear as Bloqueador de IP inside the security section.

When you open the tool, you will see a field to add an IP address, range, or domain name, and a list of existing blocks if any are already configured.

Add the address or range

In the main field, enter the IP or range you want to block. cPanel usually accepts formats such as a single IP (203.0.113.10), a range (203.0.113.0-203.0.113.255), or a fully qualified domain name when applicable.

Click Add or Añadir. If the format is valid, cPanel will save the rule and show it in the blocked addresses list.

Verify the block

Check that the IP appears in the active blocks list. If you have a safe way to test from that network, try opening the site and confirm that access is denied.

Then check your site from your normal connection or a private window to confirm that legitimate visitors can still access it without problems.

Remove the block if it was too broad

If you blocked a range by mistake or notice that it affected legitimate traffic, return to IP Blocker, find the rule in the list, and use the delete or remove option.

After removing it, test the site again and confirm that expected access has been restored. Keep only blocks that you can justify with a clear IP or pattern.

When to ask support for help

• The traffic comes from many different IPs and changes constantly.
• The site is still slow or showing errors after blocking one IP.
• You need to confirm whether the IP belongs to a bot, CDN, payment gateway, or external provider.
• Your own connection was blocked and you cannot access cPanel.

Common errors

• You blocked a range that is too large: several legitimate visitors can no longer access the site → remove the rule and add only the confirmed IP.
• The IP is not saved: the format is not valid → copy the IP without spaces, ports, or extra text.
• The attack continues from other IPs: it was not a single address → contact support to review filters, logs, and additional security options.

Recommended reading

• IP block: steps to unblock your IP
• How to use File Manager in cPanel to edit files with a backup
• What security measures can you implement for your website?