Welcome to CGI City - One of the biggest WWW Resources for CGI and Perl materials
Tips and Tutorials
Restricting access to a directory (specific hosts/IPs)

We have had some questions emailed to us asking us if it is possible to prevent certain individuals from accessing a particular directory on their site but at the same time allowing the rest of the world to visit them as normal. The answer we always give is a qualified yes. How? By blocking off that user's IP using the good ol' .htaccess file.

There is a caveat, however. It would be quite difficult to block out one single user unless that user has his own dedicated IP which belongs to nobody else but him. If that were the case, you can simply enter his IP into your .htaccess file and you can rest easy that he will not be able to visit your web site ever again (unless, of course, he chagnges his IP). But in reality, most visitors to web sites are the average Joe's like you and me who are simply using a public access ISP to connect to the Internet.

For those who do not quite understand yet, while we are connected to the Net via our respective ISPs, we are allocated an IP number by the ISP. That IP number belongs to you for the brief moment that you are connected. When your modem hangs up the phone, that number is freed up and is re-allocated to someone else who dials up to the same ISP for a connection. Now if you were to block a particular IP that belongs to a certain ISP, you are effectively blocking all the dial up users of that ISP who is allocated that IP number. Thus, you block off a multitude of potential visitors to your site.

In the previous .htaccess tutorials, we have explained how an .htaccess file is set up on the server. Here, we will simply explain how you can tweak it a bit to deny a certain IP from accessing a particular directory in your server. Create your .htaccess file like so:

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName AllowLocalAccess
AuthType Basic

order deny,allow
deny from 0.0.0.0
allow from all

In this example, you may replace the 0.0.0.0 with the IP number you wish to block off. Doing so will deny any visitor who uses that IP number. You can also replace the 0.0.0.0 with a hostname like maybe "icthus.net" (although in reality, you don't want to block off this magnificent domain). Doing this will prevent any visits originating from the icthus.net domain - which we again emphasize, is something nobody would want to do :-)

Up until this point, you were probably thinking "Why would someone want to block off people's IP numbers and prevent these people from visiting their web site?", right? Well, a typical situation could be because Joe visited Bob's site in the past and posted some nasty comments on Bob's message board prompting Bob to block out Joe so Bob's other visitors are not offended. It could also be because John visited Tom's site and copied Tom's contents and is occassionally copying every new content that Tom adds to his site. It could also be because Jane has not yet returned Lisa's favorite X-Files paperback and Lisa is preventing Jane from visitng her X-Files Fan Site.

The reason could range from the shallow to the absurd. But whatever the reason, aren't you glad you now know how to prevent your Uncle Willie from accessing your site?

-oOo-

Back to Tips and Tutorials


Search For:
Quick jump to
Home | About Us | Contact Us | Link To Us | Search
Tips & Tutorials | References | Books | Add A Resource
Custom Programming Services | Advertise
Disclaimer | Privacy Policy

Copyright © 1998-2099    CGI City    All Rights Reserved
All original materials contained herein including text, images, and original scripts written by CGI City, are copyrighted by CGI City. All other scripts and materials are copyrighted by their respective authors/owners.