Mar 252014

All In One WP Security And Firewall Blacklist Manager shows you how to block IP addresses, enter IP ranges add user agents and much more.

Last Updated: September 5, 2019

Latest News: I updated the documentation.

The Blacklist feature allows you to ban IP addresses , ranges and user agents. This helps you when you constantly get hackers repeatedly trying to access your site from the same IP address. When you enable this feature, the IP addresses you block are added to your .htaccess file. Adding these entries to your .htaccess file is one of the most secure first line of defence.

Note: If you are interested in block countries from your site then check out the following URL country-blocking-addon.

All In One WP Security And Firewall Blacklist Manager

Step 1 ) Go to WP Security -> Blacklist Manager admin tab as illustrated in the image below.


Step 2 ) The following image allows you to set up the following options.

Blacklist Manager Settings

  • Enable IP or User Agent Blacklisting:
  • Enter IP Addresses:
  • Enter User Agents:
  • Click on Save Settings button when you finish settings up this feature.

This will add another 15 points score towards your security meter. See image below. (Intermediate Security Level)


Troubleshooting Blacklist Manager

Q1 ) I am having issues with the Black list feature. I think it is not blocking the IP address I add. What can I do to test this feature?

Solution: To confirm if the blacklist feature works try using your IP address to block yourself temporarily. (Solution provided by wpsolutions.)

Note: If the blacklist is working properly you will see a “403 Forbidden” error whenever anyone with a blacklisted IP address attempts to access your site.

1) Make sure you are logged into your server using FTP. This will be handy to unlock yourself if needed.

2) Log into WordPress admin panel and add your IP address to the blacklist settings.

3) Try accessing your site from a browser where you are not logged in.
You should be denied access. If not, then the apache directives are not working on your server.

(If things are working fine and you do get blocked, just FTP your .htaccess file from your server to your computer and edit that file and remove the part of the code which has your IP address and then FTP the file back to the server)


Q2 ) Is there a limit to the number of IP addresses you can add to the Blacklist Manager in this plugin?

Solution One: No


Q3 ) I’ve entered IP addresses into Blacklist Manager and checked the checkbox, but those IP addresses are still trying to log into the site. They also don’t appear in Dashboard => Permanent Block List.

Solution one: The “Permanent Block List” is not related to the “Blacklist Manager” feature.
The Blacklist Manager uses .htaccess rules and the permanent blocklist uses PHP. The permanet blocklist currently only allows the addition of IP addresses via the SPAM Prevention -> Comment SPAM IP Monitoring menu. (Solution provided by wpsolutions.)


Q1 ) Where are the blacklisted IP addresses saved in the database?

Solution One: The blacklisted IP addresses are saved in the options table inside the “aio_wp_security_configs” option_name. You can read more about it in the following support thread.


Click on the following link Firewall Rules to continue configuring the plugins settings.

If you have any questions please let me know


All In One WP Security & Firewall Plugin Tutorial List

Manuel Ballesta Ruiz is a web developer, Blogger and WordPress Enthusiast.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>