How to Whitelist URL in Apache Web Server

whitelist url in apache

Sometimes, you may want to limit the URLs accessed by your website visitors, or by your office workstations. So let us take a look at how to whitelist URL in Apache Web server.


How to Whitelist URL in Apache Web Server

Here are the steps to whitelist URL in Apache web server.

Before proceeding, please ensure you have enabled .htaccess (mod_rewrite) in your Apache web server. Here are the steps to do it:


Place your .htaccess file in the root document folder of your website (/var/www/html)


1. Open .htaccess file

Open .htaccess file using a text editor. It is generally located at /var/www/html.

$ sudo vim /var/www/html/.htaccess


2. Whitelist URL

Let’s say you want to restrict access to specific URLs. There are 2 ways to do this.

First, use a RewriteCond in your .htaccess file to check for the URL and RewriteRule to catchall 404 responses.

# if the request uri is not /loginpage.php and /admin.php
RewriteCond %{REQUEST_URI} !^/(login|admin)\.php

# if the request uri is not /homepage
RewriteCond %{REQUEST_URI} !^/homepage

# response 404 error
RewriteRule ^ - [R=404,L]


Second way is to simply use a Proxy directive per allowed URL

<Proxy "">
Require host

<Proxy "">
Require host


Both these approaches only work for a small set of URLs. If you want to whitelist a large number of URLs, better look for a software specifically designed for that purpose.


3. Restart Apache web server

Restart Apache web server to apply changes

$ sudo /etc/init.d/apache2 start [Debian or Ubuntu]
# sudo apachectl restart [RHEL, CentOS or Fedora]




About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!