2.7.1.1.6. Restrict access by IP address

Directives should be placed in the .htaccess file in the site directory to which access should be restricted. Visitors with restricted access will receive a 403 response.

In examples of directives:

• XXX.XXX.XXX.XXX — IP address for which access should be allowed or denied.
• admin/login/ — page to which access will be restricted. The full address will look like this — http://example.com/admin/login/.
• There are several ways to specify multiple addresses in the Order directives:
  • Individual addresses — each address on a new line in the form Allow from XXX.XXX.XXX.XXX.
  • Address ranges:
    • As a subnet mask (for example, 123.213.0.0/16, which corresponds to the address range 123.213.0.0-123.213.254.254).
    • Using the asterisk symbol * for part of the address (for example, 123.213.*.*).
• Multiple addresses can be specified in the Rewrite directives using regular expressions:
  • Individual addresses:
    • In the form (a|b|c), where a, b and c are different addresses.
    • Each address on a new line in the form RewriteCond %{REMOTE_ADDR} !^XXX\.XXX\.XXX\.XXX$.
  • Address ranges — in the form \d{1,3} instead of one of the IP address blocks (for example, !^123\.213\.\d{1,3}\.\d{1,3}$, which corresponds to the address range 123.213.0.0-123.213.254.254).

Restricting access to the entire site using the Order Allow,Deny directives: Order Deny,Allow Deny from all Allow from XXX.XXX.XXX.XXX </code>

Restricting access to a page using Rewrite directives: RewriteEngine on RewriteCond %{REMOTE_ADDR} !^XXX\.XXX\.XXX\.XXX$ RewriteRule ^admin/login/? - [F,NC] </code>

Restricting access to the entire site using the Order Allow,Deny directives: Order Allow,Deny Allow from all Deny from XXX.XXX.XXX.XXX </code>

Restricting access to a page using Rewrite directives: RewriteEngine on RewriteCond %{REMOTE_ADDR} ^XXX\.XXX\.XXX\.XXX$ RewriteRule ^admin/login/? - [F,NC] </code>