It is sometimes necessary to restrict access to your site or areas of your site.
These techniques are often used to restrict access to the admin interface of the site.
Authentication can be used to require only people who have been provided a set of credentials to be able to access your site or parts of your site.
<Location "/"> AuthType basic AuthUserFile "/home/deploy/app/public/authorised_users.htpasswd" Require valid-user </Location>
You can use IP whitelisting to restrict access to only connections from known IP addresses.
Whitelisting is only useful when the real IP of the connecting user is known.
Example (Apache 2.2):
<Location "/admin"> Order Deny,Allow Deny from all Allow from 18.104.22.168 Allow from 22.214.171.124/24 </Location>
Example (Apache 2.4):
<Location "/admin"> Require ip 126.96.36.199 Require ip 188.8.131.52/24 </Location>