Restricting access to hidden site using .htaccess

Just like in real-life construction and rebuilding, you sometimes need to demolish and rebuild an existing website. And you probably want to do this behind a very nice and safe wall.

The wall, in our case, will be a “currently rebuilding. please visit soon” index.html file. If directory index priority is set to html then php, now the index.html file will be our visible website and hide the soon-to-be-demolished php-based website.

But what do we do with all the incoming links, all of which send to a particular page processed by the old website structure (index.php) which all still work?

Well, we’ll need to block access to all visitors (except ourselves) and redirect them to index.html. We achieve this by creating a (or editing the existing) .htaccess file and adding the content below:

RewriteEngine On                            # turn on mod_rewrite
RewriteBase /
RewriteRule ^index\.html$ - [L]             # do not block if visitor is requesting the index.html file itself
RewriteCond %{REMOTE_ADDR} !^188\.100\.*    # do not block our own IP block (use A\.B\.C\.D for your static IP or A\.B\.* for a network block if your ISP uses dynamic IP)
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{REQUEST_URI} !\.css$          # optional - do not block CSS (in case our index.html uses such)
RewriteCond %{REQUEST_URI} !\.js$           # optional - do not block JS (in case our index.html uses such)
RewriteCond %{REQUEST_URI} !\.jpg$          # optional - do not block JPEG images (in case our index.html uses such)
RewriteRule . /index.html [R,L]             # redirect to index.html and stop processing the rewrite

Everything after the # are explanations/comments.

Leave a Reply