DENYING WEBSITE ACCESS

Denying and allowing access to your website can be accomplished very easily with .htaccess. Previously we have discussed how we can ban certain IP addresses from accessing our website by using a PHP script, however there is an even easier way to accomplish denying certain IP addresses access to your website, and that way is called .htaccess.

In order to block an IP address you would use the following command in your .htaccess file:

deny from 000.000.000.000

Replace 000.000.000.000 with the IP address you wish to block. If you only specify one or two groups of the numbers you will block a whole range of IP's.

You can also use .htaccess to deny everyone access to a directory except for scripts. For example lets say that you have all your database passwords and configuration files in a folder called configs. You want to be able to include the files inside that folder using PHP in most of your webpages, but you don't want them to be accessible via the internet. In order to accomplish this you would create a new .htaccess file and place it into the configs folder and place the following command into it:

deny from all