I tried setting up some sites on public hosting company where I needed to set it up in a way where only specified IP addresses are allowed to access them. Below is what I did.
Basic config
Below is the basic configuration:
<Directory "/srv/httpd/htdocs/mydomain.com">
Options Indexes FollowSymLinks
AllowOverride All
Order deny,allow
Allow from 127.0.0.1
Allow from xxx.xxx.xxx.xxx
Allow from xxx.xxx.xxx.xxx
Deny from all
</Directory>
Organized
Since I’m doing this IP blocking for many sites, it make sense to simplify the configuration so that I only need to edit a single list of IP that would apply to all sites. What I did is put the config on file and include it on each virtual host config. Below is the filename and the sample content.
File: /etc/httpd/block-world.conf
Order deny,allow Allow from 127.0.0.1 Allow from xxx.xxx.xxx.xxx Allow from xxx.xxx.xxx.xxx Deny from all
Then for each virtual host, I include the file like this:
<Directory "/srv/httpd/htdocs/mydomain.com">
Options Indexes FollowSymLinks
AllowOverride All
Include /etc/httpd/block-world.conf
</Directory>
That’s it. Share and enjoy.
When I try to add this I get the following error when restarting Apache: order not allowed here. So it doesn’t work.
Gunus,
What version of Apache are you using? It is probably due to the Apache version of something. Try to swap the allow,deny values.
Very helpful information. Thanks for the clear and straight to the point info!
In your example, if you use the directive “Order deny,allow” then you must follow with “Deny …” directives prior to “Allow..” ones.
@Julien, looks like you’re right. The order I have was to allow by default! But thanks to the deny from all line.
I don’t have the test environment currently, so is this the correct configuration?
Order allow,deny
Allow from 127.0.0.1
Allow from xxx.xxx.xxx.xxx
Allow from xxx.xxx.xxx.xxx