diff --git a/homeassistant/components/http/ban.py b/homeassistant/components/http/ban.py
index 89d927ee8af..c56dd6c343b 100644
--- a/homeassistant/components/http/ban.py
+++ b/homeassistant/components/http/ban.py
@@ -243,5 +243,6 @@ class IpBanManager:
 
     async def async_add_ban(self, remote_addr: IPv4Address | IPv6Address) -> None:
         """Add a new IP address to the banned list."""
-        new_ban = self.ip_bans_lookup[remote_addr] = IpBan(remote_addr)
-        await self.hass.async_add_executor_job(self._add_ban, new_ban)
+        if remote_addr not in self.ip_bans_lookup:
+            new_ban = self.ip_bans_lookup[remote_addr] = IpBan(remote_addr)
+            await self.hass.async_add_executor_job(self._add_ban, new_ban)
diff --git a/tests/components/http/test_ban.py b/tests/components/http/test_ban.py
index 8082a268a80..d1123a7009e 100644
--- a/tests/components/http/test_ban.py
+++ b/tests/components/http/test_ban.py
@@ -392,3 +392,29 @@ async def test_failed_login_attempts_counter(
     resp = await client.get("/auth_false")
     assert resp.status == HTTPStatus.UNAUTHORIZED
     assert app[KEY_FAILED_LOGIN_ATTEMPTS][remote_ip] == 2
+
+
+async def test_single_ban_file_entry(
+    hass: HomeAssistant,
+) -> None:
+    """Test that only one item is added to ban file."""
+    app = web.Application()
+    app["hass"] = hass
+
+    async def unauth_handler(request):
+        """Return a mock web response."""
+        raise HTTPUnauthorized
+
+    app.router.add_get("/example", unauth_handler)
+    setup_bans(hass, app, 2)
+    mock_real_ip(app)("200.201.202.204")
+
+    manager: IpBanManager = app[KEY_BAN_MANAGER]
+    m_open = mock_open()
+
+    with patch("homeassistant.components.http.ban.open", m_open, create=True):
+        remote_ip = ip_address("200.201.202.204")
+        await manager.async_add_ban(remote_ip)
+        await manager.async_add_ban(remote_ip)
+
+    assert m_open.call_count == 1