It is sometimes necessary to restrict access to your site or areas of your site.
These techniques are often used to restrict access to the admin interface of the site.
Authentication can be used to require only people who have been provided a set of credentials to be able to access your site or parts of your site.
<Location "/"> AuthType basic AuthUserFile "/home/deploy/app/public/authorised_users.htpasswd" Require valid-user </Location>
You can use IP whitelisting to restrict access to only connections from known IP addresses.
Whitelisting is only useful when the real IP of the connecting user is known.
Example (Apache 2.2):
<Location "/admin"> Order Deny,Allow Deny from all Allow from 184.108.40.206 Allow from 220.127.116.11/24 </Location>
Example (Apache 2.4):
<Location "/admin"> Require ip 18.104.22.168 Require ip 22.214.171.124/24 </Location>