Hi i should only allow the particular ip address(which is HTTP:X-FORWARDED-FOR adresses) to access the files. I have done it by the following
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:X-FORWARDED-FOR} !^xxx.xxx.x.xx$
RewriteRule ^$ http://xxx.xxx.x.xx/access_denie.php [R=301,L]
Now i have to allow it for multiple ip for example yyy.yy.y.yy. How can i do it by using htaccess
The ^xxx.xxx.x.xx$ portion of your RewriteCond is simply a regular expression. You can easily use groups to add more IP addresses:
^(xxx\.xxx\.x\.xx|yyy\.yy\.y\.yy)$
You will notice I have escaped all the .s with a backslash - this is because . has a special meaning in a regular expression, and it needs to be escaped if you want it to match only a literal . character.
So your new RewriteCond will look like this:
RewriteCond %{HTTP:X-FORWARDED-FOR} !^(xxx\.xxx\.x\.xx|yyy\.yy\.y\.yy)$
You can easily add more IP addresses, simply separate them with | characters.
Please note, however, that this approach does not give you any real security. It would be easy to spoof a request to get past this. If you need security you should use SSL and a proper authentication system instead.
RewriteCond %{HTTP:X-Forwarded-For}i 1\.1\.1\.1 [OR]
RewriteCond %{HTTP:X-Forwarded-For}i 2\.2\.2\.2 [OR]
RewriteCond %{HTTP:X-Forwarded-For}i 3\.3\.3\.3
RewriteRule ^(.*) - [F]
OR
RewriteCond %{HTTP:X-Forwarded-For} (1\.1\.1\.1|2\.2\.2\.2|3\.3\.3\.3)
RewriteRule ^(.*) - [F]
