Allow access to Apache server from only one IP address

I have an Apache server that, for the time being, I need to block access to for all but a select group of people. The easiest way to do this, I thought, would be to deny access from all traffic and then allow only the select few IP addresses. From what I have found online, this configuration should do the trick.

This is the entire contents of /etc/apache2/sites-available/000-default.conf:

    <VirtualHost *:80>
            ServerAdmin webmaster@localhost
            DocumentRoot /var/www/html

            <Directory /var/www/html>
                    Order allow,deny
                    Deny from all
                    Allow from my.ip.add.res
            </Directory>

            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>

However, when I test it, I get 403'd from everywhere, including the allowed "my.ip.add.res" IP address.

I've spent quite a lot of time Googling, but from what I can tell, this should work perfectly. Not sure why it isn't. Am I missing something obvious?


Solution 1:

If you are using Apache 2.4, make sure that you LOAD the authz_core module,

DELETE:

Order allow,deny
Deny from all
Allow from my.ip.add.res

and, in place of the deleted directives,

INSERT:

Require ip xxx.xxx.xxx.xxx

If you are using Apache 2.2, make sure that you LOAD the authz_host module,

DELETE:

Order allow,deny
Deny from all
Allow from my.ip.add.res

and, in place of the deleted directives,

INSERT:

Order Deny,Allow
Deny from all
Allow from xxx.xxx.xxx.xxx