Allowing and denying access by IP address with Apache

Apache’s configuration allows access to be restricted by IP address in both the main configuration file, virtualhost directives and .htaccess files. It can be useful to deny access to specific IP addresses, for example to keep a bad robot out; and it can equally be useful to deny access to all IP addresses but allow a select few in, for example to restrict access for a specific area of a website (e.g. the admin) to a specific number of IP address. This post shows how to do both.

Password protect a directory with Apache

This post is more of a self-reference than anything because there are probably fifty million other posts on the Internet showing how to password protect a directory with an Apache .htaccess file…

Using Apache mod_expires to control browser caching

Apache’s mod_expires module allows settings by file type to control how long browsers cache files. This is useful for ensuring browsers cache image, Javascript and/or CSS files without making additional unecessary requests when loading pages.

Disable PHP in a directory with Apache .htaccess

If you have a directory which users can upload files into it’s a good idea for security reasons to disable server-side parsing of scripts such as PHP. This post shows a couple of options using Apache’s .htaccess files.