This email address is being protected from spambots. You need JavaScript enabled to view it.

How to restrict access to the web site by IP address

.

Linux/Apache host

Every directory in public_html root folder of Apache server can contain own .htaccess file which can restrict what client IP address is allowed to access content of the directory and all of it's subdirectories. .htaccess files provides more powerful options, see details on Wiki.

 

Restrict access to one IP address

With notepad or some other simple text editor create text file named .htaccess. To allow access only to the 156.146.78.89, add folowing lines:

order allow,deny
allow from 156.146.78.89

and upload it to the directory on your Apache server that you wish to protect.

Explanation: IP access is allowed from 156.146.78.89 and denied for all others

 

Restrict access to few IP addresses

order allow,deny
allow from 156.146.78.89
allow from 67.146.78.89
allow from 66.176.18.59

Explanation: access is allowed only to IP addresses: 156.146.78.89,67.146.78.89,66.176.18.59

 

Restrict access to few IP address ranges

order allow,deny
allow from 156.146.78
allow from 67.146.

Explanation: access is allowed to IP address ranges: 156.146.78.0 - 156.146.78.255 and 67.146.0.0 - 67.146.255.255

Note: restrictions defined in .htaccess files are executed hierarchically from parent directory to the child directories if parent and sub directory both contains .htaccess file. E.g. when someone is accessing file /directory_one/sub2/index.html, if directory_one contains .htaccess file then it will be executed before .htaccess file inside sub2.

 

Windows Host

On Microsoft based Windows system you can restrict access to the website on two ways:

1. Through IIS Directory security (explained on Windows 2003 IIS)

 

Restrict access to whole website


Go to Programs/Administrative Tools/Internet Information Server (IIS). Select Website, open context menu with right click, dialog should open:

 

how_to_p1.jpg

 

 

Go to Directory Security and under IP address and domain name restrictions section press EDIT:


how_to_p2.jpg

 

 

Check By default, all computers will be Denied access, except the following: add IP address that you wish to allow by clicking on Add. In example above access is allowed only to the IP address 154.148.48.58. Single computer, group of computers or domain name can be added to the list of allowed IP addresses. To add range of IP addresses, select Group of Computers and enter subnet mask:

 

i

 

In above example, IP address range from 75.74.78.0 to the 75.74.78.255 is allowed to access our IIS site.

 

 

Restrict access to the specific sub directories

Open website from IIS, select directory on which you wish to restrict access, open context menu, go to Directory Security and repeat all steps as above.

 

how_to_p4.jpg

 

 

2. Through Firewall settings

Open Firewall from Settings/Control Panel, go to Exceptions, add new exception with Add Port button for port 80 or edit existing one (probably already exists), click on change scope, and single IP address, multiple IP addresses or IP ranges (see picture below). Note: when restricting access through firewall, you can only restrict access to whole website that resides on specific port (not specific directory).

 

how_to_p5.jpg

 

See List of All Articles from Mini How Archive