Redirect visitors based on IP address

Question

I have made a page that I want to protect with a IP address block.

Everybody that visits example.com should be redirected to example.com/block.php, unless there IP address is known to me. I want to be able to add a lot of IP addresses in a list somewhere. After I added the IP address of someone to the list, when they visit example.com again, they now should be redirected to example.com/index.php.

Is this possible? I have seen a lot of questions that look the same, but nothing that really answers my question.

You can research this by splitting it into 2 problems: identifying the users' address and redirection. You should be able to find vast amount of examples for both. Also you might want to consider doing this on the web server level. — fejese, Jan 03 '15 at 20:48

score 4 · Accepted Answer · answered Jan 03 '15 at 20:45

There's several ways to do this, since you have the htaccess tag in your question, I assume you're looking for an htaccess file solution.

If you're not using apache 2.4 (or higher), you can use mod_authz to handle all of the blocking. Something like this:

# this makes it so blocked IPs get shown the block.php page
ErrorDocument 403 /block.php

Order Allow,Deny
Deny from all

Allow from 1.2.3.4
Allow from 1.2.3.5
Allow from 5.6.7.8

etc...

Here, you block everything and keep a list of "Allow from" lines. You can shorten them if you want to allow an entire subnet, e.g.

Allow from 1.2.3

will allow an IP starting with 1.2.3.

You can also use mod_rewrite for this:

RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^1\.2\.3\.4$
RewriteCond %{REMOTE_ADDR} !^1\.2\.3\.5$
RewriteCond %{REMOTE_ADDR} !^5\.6\.7\.8$
RewriteRule ^ /block.php [L,F]

Here, you have a bit more flexibility since you can use a regular expression to match the IP. So you can do stuff like:

RewriteCond %{REMOTE_ADDR} !^1\.2\.[3-6]\.

So this allows all IPs starting with: 1.2.3, 1.2.4, 1.2.5, and 1.2.6.

You can also put these directives into the server/vhost config file, it'll work a bit faster there instead of the htaccess file.

Viktor Svensson · Answer 2 · 2015-01-03T20:52:05.433

2

How about this?

<?php
$allowed = array(
    '123.45.67.890',
    '456.45.67.890',
    '789.45.67.890',
);

if(!in_array($_SERVER['REMOTE_ADDR'], $allowed)) {
    header("Location: /block.php");
    exit();
}

// continue with code ...

?>

Hope it works!

edited Jan 03 '15 at 20:52

answered Jan 03 '15 at 20:43

Viktor Svensson

755
3
17

It will work, but will cause an infinite redirect if put in `index.php`, invert the condition logic an it should be fine. – Lawrence Cherone Jan 03 '15 at 20:45
I am, of course, assuming that the script is not running on `index.php`. – Viktor Svensson Jan 03 '15 at 20:47
I saw, beat me to it ;p – Lawrence Cherone Jan 03 '15 at 20:53
Thanks for your help, I chose the answer with the .htaccess file. Just because that one is empty now and for me cleaner to edit. – Thomas Jan 03 '15 at 20:57

Redirect visitors based on IP address

2 Answers2