Member-only story
How to Secure and Restrict Access to Your Website Like a Pro
Ever wanted to restrict access to your website based on specific IP addresses?
Maybe you’re building a service that should only be accessible to certain users, or you want to block unwanted traffic. Either way, you’re in the right place! In this tutorial, I’ll walk you through the process of adding IP address restrictions to your website.
Prerequisites:
- A web server with mod_rewrite enabled
- Basic knowledge of how the .htaccess file works
What is the .htaccess File?
Before we dive in, let’s quickly go over what the .htaccess file is. It’s a configuration file used by Apache servers that controls various aspects of how the server handles requests. You can use it to enforce security, rewrite URLs, and—of course—restrict access by IP address.
Step 1: Create Your .htaccess File
In your main website folder, create a file called .htaccess (if it doesn't exist). Then, add the following code to it:
# BEGIN IP Access Restriction
<Limit GET POST PUT>
ErrorDocument 403 /403.html
order deny,allow
deny from all
allow from <your-allowed-IP-address>
</Limit>
# END IP Access Restriction
