Apache access control by IP address

If you’re running a PHP application, particularly a web service, you may want to restrict access based on the client’s IP address. Whilst this is not a fool-proof method of protecting a site, it will probably discourage the majority of unauthorised users and prevent casual snoopers.

In your Apache virtual host container, you will need to add the following:

<Location />
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
</Location>

Attempting to access the site from any IP address other than 127.0.0.1 (the local host) will result in a 403 Forbidden status code being returned to the client.

You can change the location so as to restrict access to parts of your site, and you can list as many individual addresses or address ranges as you wish. If you are using the same access control list for several sites, you may wish to place the Location container in a separate file and use the Include directive to share it across virtual hosts.

For full details, see the access control documentation on the Apache site.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.