Allow access to Apache server from only one IP address


I have an Apache server that, for the time being, I need to block access to for all but a select group of people. The easiest way to do this, I thought, would be to deny access from all traffic and then allow only the select few IP addresses. From what I have found online, this configuration should do the trick.

This is the entire contents of /etc/apache2/sites-available/000-default.conf:

    <VirtualHost *:80>
            ServerAdmin webmaster@localhost
            DocumentRoot /var/www/html

            <Directory /var/www/html>
                    Order allow,deny
                    Deny from all
                    Allow from my.ip.add.res

            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined

However, when I test it, I get 403'd from everywhere, including the allowed "my.ip.add.res" IP address.

I've spent quite a lot of time Googling, but from what I can tell, this should work perfectly. Not sure why it isn't. Am I missing something obvious?

Best Answer

If you are using Apache 2.4, make sure that you LOAD the authz_core module,


Order allow,deny
Deny from all
Allow from my.ip.add.res

and, in place of the deleted directives,


Require ip

If you are using Apache 2.2, make sure that you LOAD the authz_host module,


Order allow,deny
Deny from all
Allow from my.ip.add.res

and, in place of the deleted directives,


Order Deny,Allow
Deny from all
Allow from