Is it possible to lock certain parts of the site to a certain IP?

Like the Admincp folder/section of the site could be locked to only allow access from the following IP's?

It's possible, but why not set up a .htpassword instead? And only give it to the users that you wish to access the admin folder.

I have that, but passwords can be leaked. IP's not so much.

Um... correct me if I'm wrong, but can't you change your IP address to whatever you want? I have a friend that works for a cable company and I'm pretty sure he can.

Um... correct me if I'm wrong, but can't you change your IP address to whatever you want? I have a friend that works for a cable company and I'm pretty sure he can.

The short answer is no you can't....

ok i don't want to say this but i well i made a php file that get all ur forum user hashes but i don't think vbulletin.org like me to post it on there site, is no good buc the thing i make for vb is illegal and i want to be a coder so bad on here but i dont think i well ever be ,:confused:

What are you trying to say?

well if u have a ftp access to any forum u can get all ur user password !!

If you have ftp access then you can also take down the whole site... so I guess that's pretty much useless no?

why take it down if u can have it,

Maybe we can stick to the topic?

I still need to know how to do this.

1. Create a .htaccess file in the desired folder of your choice, ie.. "admincp"

2. Edit the file & add the following, correcting the IP's that you want to have access to that folder.

order deny,allow
deny from all
allow from xx.xx.xx.xx

Replace the xx's with the IP's you want having access, new allow line per IP.

Resave to server

1. Create a .htaccess file in the desired folder of your choice, ie.. "admincp"

2. Edit the file & add the following, correcting the IP's that you want to have access to that folder.

order deny,allow
deny from all
allow from xx.xx.xx.xx

Replace the xx's with the IP's you want having access, new allow line per IP.

Resave to server


This did not work. I tried using a web proxy site, and I could still enter the admincp.

Because you need a "static" IP address to make that .htaccess code work. Very few "average" users these days have this as most hosting connections are dynamic DHCP type connects and not static. OR as you found out Proxy servers easily break the rule. Custom cookies or session or maybe a secure connections may be what you have to do to secure your access?

Because you need a "static" IP address to make that .htaccess code work. Very few "average" users these days have this as most hosting connections are dynamic DHCP type connects and not static. OR as you found out Proxy servers easily break the rule. Custom cookies or session or maybe a secure connections may be what you have to do to secure your access?

I'm not sure, but is their another way to block access from all but certain IP's?

here try this !!
RewriteEngine on
order deny,allow
allow from xx.xx.xxx.xxx
deny from all
and if it worked add this to have them go back to ur forum or what ever ,

RewriteEngine on
order deny,allow
allow from xx.xx.xxx.xxx
deny from all
ErrorDocument 403 http://www.somepage.com