Apache restrict access based on IP address to selected directories

Apache web server allows server access based upon various conditions. For example you just want to restrict access to url http://payroll.nixcraft.in/ (mapped to /var/www/sub/payroll directory) from 192.168.1.0/24 network (within intranet).

Apache provides access control based on client hostname, IP address, or other characteristics of the client request using mod_access module.

Open your httpd.conf file:
# vi /etc/httpd/conf/httpd.confLocate directory section (for example/var/www/sub/payroll) and set it as follows:
<Directory /var/www/sub/payroll/>
Order allow,deny
Allow from 192.168.1.0/24
Allow from 127
</Directory>Where,

• Order allow,deny: The Order directive controls the default access state and the order in which Allow and Deny directives are evaluated. The (allow,deny) Allow directives are evaluated before the Deny directives. Access is denied by default. Any client which does not match an Allow directive or does match a Deny directive will be denied access to the server.
• Allow from192.168.1.0/24: The Allow directive affects which hosts can access an area of the server (i.e. /var/www/sub/payroll/). Access is only allowed from network 192.168.1.0/24 and localhost (127.0.0.1).

Save file and restart apache web server:
# /etc/init.d/httpd restart

See also

• Apache Module mod_access documentation for more information

Featured Articles:

• 20 Linux System Monitoring Tools Every SysAdmin Should Know
• 20 Linux Server Hardening Security Tips
• My 10 UNIX Command Line Mistakes
• Linux: 20 Iptables Examples For New SysAdmins
• 25 PHP Security Best Practices For Sys Admins
• The Novice Guide To Buying A Linux Laptop
• 10 Greatest Open Source Software Of 2009
• Top 5 Email Client For Linux, Mac OS X, and Windows Users
• Top 20 OpenSSH Server Best Security Practices
• Top 10 Open Source Web-Based Project Management Software
• Top 5 Linux Video Editor Software