Stop public access to various files

         

jehoshua

3:19 am on Jun 25, 2011 (gmt 0)

10+ Year Member Top Contributors Of The Month



Hi,

What mod-rewrite code would be needed to stop ALL public access to 3 or 4 files, like logins, etc, BUT still allow my IP address to access them, please?

I need full and complete access, defined by my IP address, but everyone else can view and use all files, links, etc, EXCEPT those 3 or 4 files.

If they attempt to access them, just a 302 will do I think.

Thanks,

lucy24

4:08 am on Jun 25, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



The question you asked:

Can I assume you have a fixed IP? Otherwise you'll have to give your whole UA verbatim, combined with the IP range, and hope for the best.

RewriteCond %{REMOTE_ADDR} your.ip.address.here
RewriteRule (not-here|or-here|or-here-either)\.html?$ alternative-location [R=301,L]

But really, wouldn't a 403 be more appropriate? The pages are forbidden; that's what 403 means.

The question you didn't ask:

This is assuming you have a solid reason for wanting to do it via IP address. A much better approach-- and this too can be done via .htaccess-- is to password-protect certain files, so your children and houseguests don't go snooping where they're not wanted. Otherwise, what happens if you want to check your personal files when you're away from home?

jehoshua

4:20 am on Jun 25, 2011 (gmt 0)




Hi Lucy,

Yes, I have a fixed IP address. Thanks for that mod-rewrite code. Yes, a 403 would be much more appropriate. The php files I don't want them to access do not have links from the site, so there is no 'reason' anyone would want to access them. That said, people will recognise what is running and try to login, no doubt.

Thanks for your suggestions on password protecting the files. These are files I use quite a bit, and I already have to 'login' (via SSL), so I think that may prove tedious to pwd protect those files as well. Yes, it will be a problem if I go away and want access to the website (i.e. login).

Thanks,

Jehoshua

g1smd

6:42 am on Jun 25, 2011 (gmt 0)




The alternative 403 code, based on the code above:

RewriteCond %{REMOTE_ADDR} ^your\.ip\.address\.here$
RewriteRule ^(not-here|or-here|or-here-either)\.html?$ - [F]


with a few minor syntax corrections (especially anchoring and escaping the IP address).

RewriteCond %{REMOTE_ADDR} 1\.2\.3\.4
without anchoring would also allow IPs beginning n1 and nn1 and IPs ending 4n to access the site (where "n" is a digit).

jehoshua

9:40 am on Jun 25, 2011 (gmt 0)




Hi g1smd,

Thanks for the modifications and explanation. Just so that I'm 100% clear, I don't need to fully qualify these filenames, do I? Like one may be called http://example.com/login.php, which is in the same path as the .htaccess file, so therefore it would be ..

RewriteRule ^(login|or-here|or-here-either)\.php?$ - [F]


J

jehoshua

10:52 am on Jun 25, 2011 (gmt 0)




Hmm, I uploaded the new .htaccess file, and I can access pages okay, BUT when I try the login, I get redirected back to the home page with a 302.

I also viewed the site from another IP address (via mega proxy), and when I tried to use that login file, I also got redirected to the main page.

So, the .htaccess is redirecting everyone (including my IP) if they try to use the login.php file.

Any clues, please?

jehoshua

10:55 am on Jun 25, 2011 (gmt 0)




Shouldn't there be a "!" in front of my IP, like ..

RewriteCond %{REMOTE_ADDR} !^my\.ip\.add\.ress$

..Later, I added that "!", and now it works just fine. I can access everything, and 'public' can access all, except for the files mentioned in .htaccess

g1smd

6:14 pm on Jun 25, 2011 (gmt 0)




Yep. You found the typo. The ! for NOT is required here.
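
Added example, not part of any post in this thread: a small Python emulation of the RewriteCond/RewriteRule pair discussed above, showing which client addresses are let through to the protected file by an unescaped, an unanchored and an anchored IP pattern, and what the missing "!" does. The file names, the candidate addresses and the helper names are constructed for illustration; Python's re module stands in for the regex engine mod_rewrite uses.

```python
import re

# Hypothetical protected file names. In a per-directory (.htaccess) context the
# path is matched without a leading slash, as in the thread's rules.
PROTECTED = re.compile(r"^(login|admin)\.php$")

OWNER = "1.2.3.4"  # placeholder address taken from the thread's own example

# Constructed client addresses used to probe each pattern.
CANDIDATES = ["1.2.3.4", "11.2.3.4", "211.2.3.4", "1.2.3.40",
              "1.2.3.45", "112.3.4.5", "5.6.7.8"]

UNESCAPED = "1.2.3.4"          # dots match any character, no anchors
UNANCHORED = r"1\.2\.3\.4"     # dots literal, still a substring match
ANCHORED = r"^1\.2\.3\.4$"     # matches the owner address only


def is_forbidden(client_ip, path, ip_pattern, negate=True):
    # Emulates:  RewriteCond %{REMOTE_ADDR} [!]ip_pattern
    #            RewriteRule ^(login|admin)\.php$ - [F]
    # mod_rewrite tests the RewriteRule pattern first; the condition is only
    # evaluated when the requested path matches.
    if not PROTECTED.search(path):
        return False
    matched = re.search(ip_pattern, client_ip) is not None
    # With "!" the condition is true (request forbidden) when the address
    # does NOT match; without it, only the matching address is forbidden.
    return (not matched) if negate else matched


def leaked(ip_pattern):
    """Addresses other than OWNER that are still allowed to reach login.php."""
    return [ip for ip in CANDIDATES
            if ip != OWNER and not is_forbidden(ip, "login.php", ip_pattern)]


if __name__ == "__main__":
    for name, pat in [("unescaped", UNESCAPED), ("unanchored", UNANCHORED),
                      ("anchored", ANCHORED)]:
        print(f"{name:10} {pat:16} lets through: {leaked(pat)}")
    # Without "!" the owner is the only client that gets the 403.
    print("no '!':", [ip for ip in CANDIDATES
                      if is_forbidden(ip, "login.php", ANCHORED, negate=False)])
```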