• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
The Electric Toolbox Blog

The Electric Toolbox Blog

Linux, Apache, Nginx, MySQL, Javascript and PHP articles

  • Applications
  • FCKEditor
  • Apache
  • Windows
  • Contact Us
Home / Allowing and denying access by IP address with Apache

Allowing and denying access by IP address with Apache

Apache’s configuration allows access to be restricted by IP address in both the main configuration file, virtualhost directives and .htaccess files. It can be useful to deny access to specific IP addresses, for example to keep a bad robot out; and it can equally be useful to deny access to all IP addresses but allow a select few in, for example to restrict access for a specific area of a website (e.g. the admin) to a specific number of IP address. This post shows how to do both.

.htaccess file

Add the following rules, customized to suit your specific circumstances to an either already existing .htaccess file or to a new one if one doesn’t already exist.

If you want the rules to apply to the entire site, then put the .htaccess file at the root level.

To deny/allow access to a specific directory only, put the .htaccess file in that directory only.

Denying access to specific IP address(es)

To deny access to a single specific IP address, in this example 192.168.1.16:

deny from 192.168.1.16

You can also have multiple deny from lines, in this example to deny access to visitors from 192.168.1.16 and 192.168.1.17:

deny from 192.168.1.16
deny from 192.168.1.17

To block the whole range from e.g. 192.168.1.1 to 192.168.1.255 leave the last number off, e.g.:

deny from 192.168.1

And you can also use netmask ranges. I won’t pretend to have a very good understanding of how netmask ranges work but this example would block access from 192.168.1.1 to 192.168.1.14:

deny from 192.168.1.1/28

There are many online IP address calculators that can be used to work out these ranges.

Denying access to all but specific IP address(es)

It can be useful when testing a website before launch or on a staging site to not let anyone in except for a few specific IP address. Another pssibility is to restrict access to particular parts of a website (e.g. an admin area) to specific IP addresses.

This is easy to do as well. The example below denies access to everyone except for 192.168.1.16:

deny from all     
allow from 192.168.1.16

Check Out These Related posts:

  1. Changing exim4 settings with Debian 5 Lenny
  2. Password protection with Apache but allow from a user agent
  3. Validating an IP address with PHP’s filter_var function
  4. Allowing div layers to float over Flash/Vimeo/YouTube etc

Filed Under: Apache

Primary Sidebar

Categories

  • Apache
  • Applications
  • Article
  • Case Studies
  • Email Servers
  • FCKEditor
  • HTML And CSS
  • Javascript
  • Linux/Unix/BSD
  • Microsoft SQL Server
  • Miscellaneous Postings
  • MySql
  • Networking
  • Nginx Web Server
  • Offsite Articles
  • OSX
  • PHP
  • Quick Tips
  • RFC – Request for Comments
  • SilverStripe
  • VMWare
  • VPN
  • Windows
  • WordPress

Recent Posts

  • Vim Show Line Numbers
  • Add User To Group Linux
  • Chmod 777 Tutorial
  • How to Copy Directory Linux
  • Linux create user

Copyright © 2021. ElectricToolBox. All Rights Reserved.

  • Contact Us
  • Copyright Info
  • Privacy Policy
  • Sitemap