VPS business hosting starting at $29.95/24/7 premium technical support

How to secure a folder by whitelisting one IP using HTACCESS and denying all others

The process involves matching all requests for an IP, if the IP does not match redirect all secured directory requests. 

RewriteCond %{REMOTE_ADDR} !^120\.120\.120\.120
RewriteRule ^admin/.* - [L,R=403] 
RewriteCond %{REMOTE_ADDR} ^120\.120\.120\.120
RewriteRule ^admin$ - [L,R=403]

If you want to control this IP using a script, you can add 2 lines

###CUSTOM RULES###
# your rules will appear here using php script
###CUSTOM RULES###

Now add a script, say happy.php
and use the following code:

$htaccess = file_get_contents('.htaccess');
$ip= str_replace(".","\.",$_SERVER['REMOTE_ADDR']);
$rules="RewriteCond %{REMOTE_ADDR} !^".$ip."
RewriteRule ^admin/.* - [L,R=403]
RewriteCond %{REMOTE_ADDR} !^".$ip."
RewriteRule ^admin$ - [L,R=403]";
$problem="###CUSTOM RULES###\r\n".$rules.
"\r\n###CUSTOM RULES###";
#please copy the next line carefully, no extra spaces or new lines
$solution=preg_replace('/###CUSTOM RULES###.*?###CUSTOM RULES###/sm',$problem,$htaccess);
file_put_contents('.htaccess', $solution);

you can also specify your error page for specific http code: 403
ErrorDocument 403 /er.htm

Author: Harshvardhan Malpani

PHP Developer based in New Delhi, India. Working as a freelance web developer providing server deployment, website development and maintenance services.

Leave a Reply

Your email address will not be published. Required fields are marked *