How Do I Allow Only A Certain IP To Access My Cloud Site Using SSL?

How do I Allow only a certain IP address(es) to access my site using SSL?

On Cloud Sites, due to our unique hosting environment, we require a slight addition to the code used for the Allow only feature via SSL. Basically the issue is that the requesting IP coming into a server is the IP of our load balancing server instead of the visitor's. This means limiting access on an IP level through .htaccess becomes problematic. The answer is that we provide an environment variable called HTTP:X-Forwarded-For which has the visitor's ip.

In the .htaccess file containing your rules, place the following into your file: Allowing only a certain IP/IP Addresses:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-For} 000\.000\.000\.000
RewriteRule .* - [F]

Replace 000\.000\.000\.000 with your IP address. This will only allow your IP address to access your site, and is a great way to develop your site without restrictions.

Important note: Implementing this code may prevent images from loading on your cloud site. To address this you can add the following code do your .htaccess file:

<FilesMatch "\.(gif|jpe?p|png)$">
order deny,allow
allow from env=allowclient

Was this content helpful?

© 2015 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License

See license specifics and DISCLAIMER