On Apache you can restrict access by IP address in either the virtualhost directives or the .htaccess files. This is pretty useful when you want to block a certain IP from accessing the server, or only grant access to a selected few.
NOTE: .htaccess files only effect the directory that they are in, so If you want the rules to apply to the entire website, then put the .htaccess file at the root level.
Deny All Access with .htaccess
# Require all denied
Only allow certain IPs with .htaccess
# Require all denied
# Require ip xxx.xxx.xxx.xxx
Block IP Address with .htaccesss
# Require all granted
# Require not ip xxx.xxx.xxx.xxx
# Require not ip xxx.xxx.xxx.xxy
Allow access only from LAN with .htaccess
order deny,allow
deny from all
allow from 192.168.0.0/24
Deny Access To Certain User Agents with .htaccess
RewriteCond %{HTTP_USER_AGENT} ^User\ Agent\ 1 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Another\ Bot\ You\ Want\ To\ Block [OR]
RewriteCond %{HTTP_USER_AGENT} ^Another\ UA
RewriteRule ^.* - [F,L]
Deny Access to Hidden Files and Directories with .htaccess
<files your-file-name.txt>
order allow,deny
deny from all
</files>