Restricting access to a website by IP Address

I’ve recently worked on a project where the the client requested restricting access to the site and for it to only be available via their own network. After a little bit of research I came across this little trick. Just drop the below into your .htaccess and allow from any IP that you wish*.

You can allow multiple IPs access by adding more allow lines.

I’ve also added a redirect for anyone who tries to access outside the allowed IP to my site with little notification on why and a prompt to get in touch.

<Limit GET POST>
order deny,allow
deny from all
allow from xx.xxx.xxx.xxx
</Limit>

ErrorDocument 403 https://danielcanetti.com/no-access/

*This works for any server running Apache 2.2.