How to Restrict Access to Your Site Using .htaccess deny from all
If you’re currently testing your site or setting it to maintenance mode, you might want to restrict visitors from accessing it. You can do so by adding the deny from all command to .htaccess.
In this tutorial, we’ll show you exactly how to do it. But first, let’s take an in-depth look at the .htaccess file!
What Is .htaccess?
.htaccess stands for “Hypertext Access”, it’s a configuration file which is used by Apache-based web servers to modify the server’s behavior.
You can also utilize the file for other purposes, such as creating a password for your site, changing your site’s time zone, making a custom error page, changing the default index page or redirecting URLs. You just need to add a few commands to .htaccess to make it happen.
For example, deny from all is a command that will allow you to apply access restrictions to your site.
How to Edit the .htaccess File?
If you want to edit the .htaccess file, you should enter the root folder of your site through your hosting control panel’s file manager or an FTP client such as FileZilla.
Let’s cover how to edit an existing .htaccess file using Hostinger’s hPanel:
- Log in to the hPanel.
- Enter the File Manager, which is located under the Files section.
- Access the public_html directory.
- Look for the .htaccess file, right-click on it, and choose edit.
You can start modifying the file right away. If you can’t find the .htaccess file in the public_html directory, you can create it yourself. Just click the New File button at the top right corner of the file manager, name it .htaccess, then click Create.
How to Use .htaccess deny from all to Restrict All Access?
Since a complete restriction would apply to your IP address too, you should identify your IP address beforehand using tools like What Is My IP Address and create an exception.
Make sure that your IP address is static, not dynamic, so you wouldn’t have to change it in the .htaccess file frequently.
Now, let’s place the deny from all command in the .htaccess file. Add the following code snippet to the top of the file if you want to block all access except yours:
order allow,deny deny from all allow from IP
Replace IP with your IP address to create the exception.
Now, if you want to allow access from all IP addresses but restrict access from a specific one, you can use this format:
order allow,deny deny from UndesiredIP allow from all
Here, as in the previous example, replace UndesiredIP with the IP address you want to restrict. Make sure to save the .htaccess file to apply the changes.
If you want to block access from specific countries, check out our other article here.
Conclusion
Now you’ve learned that restricting access to your site can be done by using .htaccess with the deny from all command. Don’t forget to allow access to your own IP address!
Do you have further questions regarding the .htaccess deny from all command? Let us know in the comment section!
Edvinas is a Backend Developer at Hostinger. During his free time, he likes to play Airsoft and play music with his band.
Comments
August 11 2020
How do you setup a site password instead of the "deny access" process which keeps failing for me?
August 25 2020
Hey there Ivan! I believe what you are referring to is password protecting a directory! If you are hosting via Hostinger, we have a a nice little tutorial to achieve that right here! :)