Allow access to Apache server from only one IP address
I have an Apache server that, for the time being, I need to block access to for all but a select group of people. The easiest way to do this, I thought, would be to deny access from all traffic and then allow only the select few IP addresses. From what I have found online, this configuration should do the trick.
This is the entire contents of /etc/apache2/sites-available/000-default.conf:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory /var/www/html>
Order allow,deny
Deny from all
Allow from my.ip.add.res
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
However, when I test it, I get 403'd from everywhere, including the allowed "my.ip.add.res" IP address.
I've spent quite a lot of time Googling, but from what I can tell, this should work perfectly. Not sure why it isn't. Am I missing something obvious?
Solution 1:
If you are using Apache 2.4, make sure that you LOAD the authz_core
module,
DELETE:
Order allow,deny
Deny from all
Allow from my.ip.add.res
and, in place of the deleted directives,
INSERT:
Require ip xxx.xxx.xxx.xxx
If you are using Apache 2.2, make sure that you LOAD the authz_host
module,
DELETE:
Order allow,deny
Deny from all
Allow from my.ip.add.res
and, in place of the deleted directives,
INSERT:
Order Deny,Allow
Deny from all
Allow from xxx.xxx.xxx.xxx