Tuesday, June 24, 2014

.htaccess Restrict Magento admin page access to a certain allowed IP address behind a reverse proxy

.htaccess Restrict Magento admin page access to a certain allowed IP address behind a reverse proxy
<IfModule mod_rewrite.c>
  ### Restrict Magento admin page access to a certain allowed IP address
  RewriteCond %{REQUEST_URI} ^/(index.php/)?admin [NC]
  #RewriteCond %{REMOTE_ADDR} !(^192\.168\.1\.7$|^192\.168\.1\.9$)
  RewriteCond %{HTTP:X-FORWARDED-FOR} !(^192\.168\.1\.7$|^88\.88\.88\.88$)
  RewriteRule ^(.*)$ http://%{HTTP_HOST}/ [R=302,L]
</IfModule>

No comments: