technese.com

Block IP address using .htaccess for Apache or using url.access-deny for Lighttpd

For Apache Web Server, edit the .htaccess per directory:

Allow access from a certain IP address:

In this case, stands for a specific IP address. For example:

order deny,allow
deny from all
allow from 192.168.1.2

Deny access from a specific IP address:

order allow, deny
allow from all
deny from 192.168.1.2

For multiple IP addresses:

order deny,allow
deny from all
allow from 192.168.1.2 192.168.1.3
allow from 192.168.1.4

For Lighttpd web server:

Edit lighttpd.conf

$HTTP[“remoteip”] == “192.168.1.2″ {
url.access-deny = ( “” )
}

Do not allow IP address 192.168.1.2, 192.168.1.3 to access our site:

$HTTP[“remoteip”] =~ “192.168.1.2|192.168.1.3″ {
url.access-deny = ( “” )
}

or

$HTTP[“remoteip”] == “192.168.1.2|192.168.1.3″ {
url.access-deny = ( “” )
}

Allow ONLY IP addresses, 192.168.1.2, 192.168.1.3 to access,
note the != which means ‘string does not match’ operator basically – IF remoteip is not
192.168.1.2 or 192.168.1.3, THEN deny:

$HTTP[“remoteip”] != “192.168.1.2|192.168.1.3″ {
url.access-deny = ( “” )
}

Reference:

http://www.htpasswdgenerator.com/apache/htaccess.html
http://www.cyberciti.biz/tips/lighttpd-restrict-or-deny-access-by-ip-address.html
http://redmine.lighttpd.net/wiki/1/Docs:Configuration
http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks