PLEASE NOTE: The code sections in this article appear differently on different devices. When using the Instructables app for mobile devices the code is missing line endings. Most web browsers seem to work okay.

If you are serving web content world-wide then you’ll eventually want to adopt some sort of blacklist, or exclusion list, where you can keep specific IP addresses from accessing your server. However, if you want to tighten-down your security and only allow a select few access then you’ll need to make some changes.

cd /etc/apache2 sudo cp apache2.conf apache2.conf.bak

sudo vi apache2.conf

OR

sudo nano apache2.conf

Travel down the file until you reach this section that allows everyone access to your web server from the outside:

<Directory /var/www/> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory>

The AllowOverride directive is set to None meaning we will not be using an .htaccess file to override these settings. The next directive, Require is set to all granted, meaning allow anyone access.

Please note: I have found a significant number of bot requests in my log files, snooping for those of Us using phpmyadmin, be sure to limit access:

<Directory /usr/share/phpmyadmin/> Order Deny, Allow Deny from All # localhost Allow from 127.0.0.1 # Local-Area Network Allow from 192.168.0 </Directory>

Next, we can add a directory that we want to protect:

<Directory /var/www/html/hydroMazing/> Options Indexes FollowSymLinks AllowOverride All </Directory>

The AllowOverride directive is set to All meaning we will be using an .htaccess file to override these settings. We will provide the Require directive in our .htaccess file inside the directory we specified, in this case, “/var/www/html/hydroMazing/”

# AccessFileName: The name of the file to look for in each directory # for additional configuration directives. See also the AllowOverride # directive. AccessFileName .htaccess

You could change the name of the .htaccess file here to something harder to guess. Keep the dot at the beginning because it means hidden file. Use your imagination!

Now you can use an .htaccess file as your whitelist, or inclusion list:

To create a .htaccess ( or whatever you’ve named it ) file:

cd /var/www/html/mydirectory/

sudo vi .htaccess

OR

sudo nano .htaccess

# Allow access to localhost Require ip 127.0.0.1 # Allow access to my cell phone Require ip 98.97.34.23

Second entry is an example, change it to your IP address, or the IP address that your web server logged.

Save and close the file. You can add additional access as desired.