Apache .htaccess Guide, Tutorials and Articles

Apache .htaccess Guide & Tutorial >>

Deny visitors by IP address

The visitor blocking facilities offered by the Apache Web Server enable us to deny access to specific visitors, or allow access to specific visitors. This is extremely useful for blocking unwanted visitors, or to only allow the web site owner access to certain sections of the web site, such as an administration area.

To set-up visitors restrictions and blocking, create a .htaccess file following the main instructions and guidance which includes the following text:

order allow,deny
deny from 255.0.0.0
deny from 123.45.6.
allow from all

The above lines tell the Apache Web Server to block visitors from the IP address '255.0.0.0' and '123.45.6.', note the second IP address is missing the fourth set of digits, this means any IP address which matches the firth three set of digits will be blocked, e.g. '123.45.6.10' and '123.45.6.255' would be blocked.

To set-up blocking of all visitors except yourself, create a .htaccess file following the main instructions and guidance which includes the following text:

order allow,deny
allow from 255.0.0.0
deny from all

The above lines tell the Apache Web Server to block all visitors except those with the IP address '255.0.0.0', which you should replace with your own IP address.

You may add any number of 'deny from' and 'allow from' records after the 'order allow,deny'. Note the change from 'allow from all' to 'deny from all' on the bottom line, this is important and must be changed depending on your requirements. If you want to allow your visitor access, you would use 'allow from all' and place 'deny from' lines above.

Blocked visitors will be shown a '403 Forbidden' error message. You can customise this error message by following the 'Error Documents' section of this article.

Next Article: Deny visitors by referrer
Previous Article: Password protection

Comments

vtac
"I believe the last example should be:
Order deny,allow
Deny from all
Allow from 255.0.0.0"
Moderator
"Johnny, check the IP address is that of your own computer and not the IP address of the server (just checking you haven't got mixed up). Alternatively, contact your system administrator and ensure the use of .htaccess files is enabled. For further advice I would suggest contacting your system administrator, or alternatively please post details of any error messages you receive."
johnny
"Im using .htaccess to block people from files on my site and have added my site IP as allow but it doesn't let me link to my files. Not sure what I'm doing wrong."

Post Comment

Your Name:
Your Comment: