Allow IP bypass htaccess password with Apache

Here is a very quick tip on how to protect your whole site with htaccess password but only allow certain IP. This is very usefull when you are working on a development server and you want only your team to access the site.

In the .htaccess file of the root of your web folder, paste the following code:

Deny from all
Order deny,allow
AuthType Basic
AuthName “Restricted”
AuthUserFile /path_to_password/.htpasswd
Require valid-user
Allow from 192.168.1.10
Allow from 192.168.1.10
Satisfy Any

First we simply specify the deny allow rule and also reference our authentication method. The we user Allow from with the IP. There is maybe a better way of doing this with IP range. Finally we simply tell apache to satify any Allow Deny rules. That’s it.

Leave Your Response

* Name, Email, Comment are Required