![- Navigate to User/Group Manager -> Edit User/Group -> Restrictions - Right-click and choose "Add IP/ACL" PLEASE NOTE: All rules should be added as a DENY rule ("-" minus) sign. Entering a ALLOW rule ("+" plus) will override the default rule of "+*.*.*.*" and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.](http://blog.builtbp.com/wp-content/uploads/2015/03/bps-ipacl-usergroup-step1.png)
– Right-click and choose “Add IP/ACL”
PLEASE NOTE: All rules should be added as a DENY rule (“-” minus) sign. Entering a ALLOW rule (“+” plus) will override the default rule of “+*.*.*.*” and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
![Enter the IP Address to be banned. Please note that the "Allow IP Address Access" should be chosen, in order to restrict a user|group to a specific IP Address (aka whitelist) PLEASE NOTE: All rules should be added as a DENY rule ("-" minus) sign. Entering a ALLOW rule ("+" plus) will override the default rule of "+*.*.*.*" and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.](http://blog.builtbp.com/wp-content/uploads/2015/03/bps-ipacl-usergroup-step2.png)
PLEASE NOTE: All rules should be added as a DENY rule (“-” minus) sign. Entering a ALLOW rule (“+” plus) will override the default rule of “+*.*.*.*” and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
![- Navigate to Server Monitor -> Log Watch In this example, you'll see the ftp-client from "-54.153.69.28" is denied. This is because the IP/ACL was converted to a "whitelist" with a single ALLOW rule and "+192.168.0.*" does not match the incoming ftp-client.](http://blog.builtbp.com/wp-content/uploads/2015/03/bps-ipacl-usergroup-step3.png)
In this example, you’ll see the ftp-client from “-54.153.69.28” is denied. This is because the IP/ACL was converted to a “whitelist” with a single ALLOW rule and “+192.168.0.*” does not match the incoming ftp-client.