Apache’s mod_access module allows you to control server access based on various parameters such as client IP address, hostname, etc. Here’s you can configure Apache to limit access by IP
Configure Apache To Limit Access by IP
Here are the steps to configure Apache to limit access by IP
Before you proceed, please ensure you have enabled mod_access module in Apache.
1. Open Apache Config file
Open Apache config file with a text editor
$ vi /etc/httpd/conf/httpd.conf
2. Restrict Access by IP
Let us say you want to restrict access to a specific subfolder (e.g /payroll) on your website whose document root is located at /var/www/html. Also, let’s say you want to restrict access to only your intranet, that is, 192.168.1.0/24 network.
In that case, locate the directory section (/var/www/html/payroll) and update it as follows:
<Directory /var/www/html/payroll/> Order allow,deny Allow from 192.168.1.0/24 Allow from 127 </Directory>
In the above code,
- Order allow,deny – Controls allow & deny directives. Allow conditions are evaluated before Deny directives
- Allow from192.168.1.0/24 – Allow access only from network 192.168.1.0/24
- Allow from127 – Allows access from localhost
If the above directory section doesn’t exist in config file, create it.
Save and close the file
3. Restart Apache Server
Restart Apache server to apply changes
$ /etc/init.d/httpd restart