Redirect all IPs except those whitelisted

Question

I want to protect some subdomains from the public. Restriction should be done against a whitelist of IPs. Infinite loop due to the redirect is not a problem as its not the www-domain.

I tried this http://discussions.apple.com/message.jspa?messageID=2411725, but couldnt get it to work.

However I did try this first

RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^123\.45\.67\.89$ [OR]
RewriteCond %{REMOTE_ADDR} !^213\.45\.67\.89$
RewriteRule ^/.* http://www.mydomain.com [R]

.. but didnt work.

What am I doing wrong ?

Answer 1

You have to combine the RewriteCond directives with AND instead of OR as you want to redirect if both conditions are true (therefor the IP address is neither X nor Y). So try this:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^123\.45\.67\.89$
RewriteCond %{REMOTE_ADDR} !^213\.45\.67\.89$
RewriteRule ^ http://www.example.com/ [R]

Answer 2

This kind of thing is actually exactly what Apache's Allow and Deny directives are intended for. Inside the <VirtualHost> block for the domain you want to restrict access to, put this:

<Location />
    Order allow,deny
    Allow from all
    Deny from 123.45.67.89
    Deny from 213.45.67.89
</Location>

However, this would produce a 403 (forbidden) error, which doesn't redirect to your www domain by default. I think you can make it do so by adding the directive

ErrorDocument 403 http://www.example.com