Servebolt runs Apache 2.4 behind nginx. That means that you can use Apache 2.4 Directives to control access. More extensive documentation can be found here.
If you want to deny access to a certain IP address using
.htaccess, you can add the following to the top of your
.htaccess file located in the public folder of your site:
<RequireAll> Require all granted Require not ip IPADDRESSTOBLOCK </RequireAll>
Similarly, you can also lock all access to a certain IP, for example if you only want to be able to access the website yourself:
<RequireAll> Require all granted Require ip IPADDRESSTOALLOW </RequireAll>
If you want to block or require multiple IPs, you can just add more lines with Require IP/Require not IP with the ipv4, ipv6 or subnets CIDR format.