Using the .htaccess file to control access to your site
Block access to certain pages or websites with .htaccess rules
2 min read
.htaccess rules to block access to certain pages or websites. You can block or allow IP addresses. With this feature, you can make most of your website public while restricting access to some pages. Using
.htaccess files to manage website access is not a substitute for CSF.
This page covers both Apache 2.2 and 2.4. Although Apache 2.4 supports the old syntax, we encourage using the right syntax for your Apache version and keeping Apache updated.
This post assumes you're familiar with
.htaccess files and editing configuration files through the command line or file manager on your server. If you're not sure about editing
.htaccess files, contact Support. We strongly advise you to backup your configuration files before making any changes.
Restricting access based on IPs
If you want to deny access to a certain IP address using .htaccess, you can add the following to the top of your .htaccess file that is located in the public folder of your site:
<RequireAll> Require all granted Require not ip IPADDRESSTOBLOCK </RequireAll>
Similarly, you can also lock all access to a certain IP, for example, if you only want to be able to access the website yourself:
<RequireAll> Require all granted Require ip IPADDRESSTOALLOW </RequireAll>
Improving a bit more, a maintenance page can be shown to your users while you perform changes to the site:
ErrorDocument 403 /maintenance.html Order Allow,Deny Allow from #.#.#.#
#.#.#.#is your IP: What Is My IP Address?
Did you find this article valuable?
Support Aadarsh Kashyap by becoming a sponsor. Any amount is appreciated!