Restrict access to a site by IP address

[pvaden]

This seems like a stupid question, with likely an obvious answer, but I can't find it anywhere.

Is there a way in WHM/cPanel to limit access to one of the hosted sites by IP address? I'd prefer not to use .htaccess for various reasons, but need a site to only be accessible from a company's outbound IP address. (I realize this isn't foolproof security, but it is requested by the site owner)

I would normally do this in the apache VirtualHost section for the site with something like:

Code:

Order allow,deny
Allow from 192.168.1.0/24
Allow from 127

but cPanel apparently builds the httpd.conf file from other sources, and I don't know where those include files are for the individual sites.

Also, I have the mod_security and ConfigServer ModSec plug-ins, but they seem centered on banning individual IPs for abuse. I don't see an interface to whitelist a single IP and deny all others.

Also, I don't like using the global options I see in the mod_security plug-in because I don't want to affect any other hosted sites.

So, the question is: What is the best practices way to restrict traffic to a single IP for a given website, without affecting any other hosted sites.

[vanessa]

put those lines in the .htaccess of your site. If you want to use includes, there are include lines commented out by default in your httpd.conf. Uncomment them, create the folders they refer to, then drop a *.conf file in there with the allow rules.

[garrettp]

Try cPanel >> Security >> IP Deny Manager.