How to Whitelist an IP Address?

IP Address

Is your firewall restricting links to your website from team members? This is not unusual. While firewalls and other security features may obstruct entry to your website from malicious traffic, they can also unintentionally block good traffic.

We had a client whose website firewall was blocking entry to the site from his users. The inability to access the website triggered delays in the execution of some initiatives on the website that snowballed into larger problems. Our client, needless to say, was in a frenzy and called out for help.

It’s pretty easy to fix this dilemma if you take the right measure. In this post, we will lead you through the various whitelisting methods for an IP address.

What is IP Address Whitelisting?

Whitelisting IP addresses helps you to monitor who the WordPress website can (or cannot) reach.

Blacklisting is a good means of ensuring that the site can not be reached by malicious traffic. You can select and blacklist a malicious IP address or, using a firewall, you can simplify the operation.

Traffic going to the website can be filtered by a firewall. It stops poor traffic from reaching your website. But we have also observed firewalls blocking successful traffic unintentionally. The website owner or staff members are prohibited from accessing their own site in some circumstances. IP address whitelisting eliminates the block and enables them to re-access your WordPress page.

How to Whitelist an IP Address? (Plugin Manually & Via)

Two forms you can whitelist an IP address are open. Manually or by using an addon, you can whitelist. To do it manually, you’ll need to have information about WordPress scripts. Without it, you’re going to end up making mistakes that would break up your website. A much better alternative is the use of a WordPress plugin.
Usage of a plugin

Step 1: On your WordPress website, please download and instal the MalCare Protection Plugin. To set up your account with MalCare, follow our tutorial.

Step 2: Seek access to the website from the user whose IP is blocked. This attempt would be registered by MalCare. And in MalCare’s Traffic Request portion, the IP addresses would light up.

Sign on to your MalCare dashboard to visit the Traffic Request area and then click on your website. Go to Firewall > Logs of Traffic. There, you’ll see the IP addresses that your website was attempting to reach.
Firewall for Malcare


You will need to find the IP address that is blocked. The first few IP’s are likely to be the ones the colleagues or customers produce. But review the time and the country of origin to be absolutely confident that you are using the correct IP address.

Click on the edit button placed right next to the IP address to whitelist the IP address of your choosing. Whitelisted will be the IP.

malcare-whitelist-IPThe best way to carry out this mission is to use the MalCare plugin. Any of our readers, though, do understand that they have concerns about adding more plugins on their website and would like to do so manually.

First, in depth, we discuss the manual process.

Is It Possible to Manually Whitelist an IP Address?

It is possible, but there are two tremendous disadvantages.

But for the specified IP addresses, whitelisting particular IP addresses would block ALL traffic. This means that the WordPress website will only be able to reach a number of IP addresses. It would block any other IP address.
The manual process is dangerous since it includes accessing your data from WordPress and adding code snippets. You can make mistakes if you are not a seasoned WordPress customer. A slight erroneous lead causes the website to break down.

The manual approach we DON’T recommend. But we will show you how hard it is to manually whitelist IP addresses.

Prior to continuing…

We highly suggest that you take a full website backup. You can easily recover a backup if anything happens to your website, and get your site up and running in no time. Now, in all IP ranges, let’s whitelist your IP address manually.

Step 1: Log in to your web host account, pick File Manager and go to cPanel. Go to the public html folder from there and find and update the file with .htaccess.

Step 2: Right-click and pick Edit from the .htaccess file.


Step 3: Then, at the end of the .htaccess format, begin entering the following code.

order deny,allow
deny from all
allow from

Make sure that the IP whitelist address you intend to whitelist is replaced by xxx.

If you want multiple IP addresses to be whitelisted, just add another ‘enable from’ line like this:

order deny,allow
deny from all
allow from
allow from

This is how you can host all IP addresses from your WordPress hosting whitelist.

Once done, save the modifications until the .htaccess file is saved.

When you have a private website and want it to be accessible by only a few users, manually whitelisting your IP address may be successful. But if you don’t intend to do so, then steer clear of the manual process.

Ultimate Thoughts

We hope that you’ve found our article useful. As the firewall was blocking your customers or colleagues, you had to whitelist IP addresses. Just bad traffic from reaching the site can be blocked by a firewall. The distinction between poor traffic and good ones should be wise enough to know the difference. For eg, to build a list of IPs with malicious intent, MalCare comes with a Smart WordPress Firewall Plugin that detects attacks across thousands of websites. MalCare scans the list of malicious IPs if an IP makes a request to reach the website to decide whether the requesting party is malicious or not. Malicious IPs are instantaneously barred.