Apache restrict access based on IP address to selected directories

Apache restrict access based on IP address to selected directories

Apache web server allows server access based upon various conditions. For example you just want to restrict access to url http://subdomain.domain.com/ (mapped to /var/www/subdomain directory) from 192.168.1.0/24 network (within intranet).

Apache provides access control based on client hostname, IP address, or other characteristics of the client request using mod_access module.

Press continue reading to understand how to do this!

To restrict access based on IP address to selected directories with apache, you need to do something like that in your VirtualHost.

<VirtualHost *:80>
ServerAdmin     webmaster@email.com
ServerName      subdomain.domain.com

DocumentRoot “/var/www/subdomain”

<Directory “/var/www/subdomain”>
Options +Indexes +FollowSymLinks
AllowOverride All
<IfVersion < 2.3 >
      Order deny,allow
      Deny from all
    </IfVersion>
    <IfVersion >= 2.3 >
      Require all denied
    </IfVersion>
    Allow from 192.168.1.0/24
  </Directory>
ErrorLog  ${APACHE_LOG_DIR}/subdomain-error.log
CustomLog ${APACHE_LOG_DIR}/subdomain-access.log combined
</VirtualHost>

Order allow,deny: The Order directive controls the default access state and the order in which Allow and Deny directives are evaluated. The (allow,deny) Allow directives are evaluated before the Deny directives. Access is denied by default. Any client which does not match an Allow directive or does match a Deny directive will be denied access to the server.

Allow from 192.168.1.0/24: The Allow directive affects which hosts can access an area of the server (i.e. /var/www/subdomain). Access is only allowed from this network.

Save file and restart apache web server:
$ sudo service apache2 restart

Source: Cyberciti


Comments

comments

Comments are Disabled