How to allow access to a website directory from specific IP address in Plesk?

Sergey Senko

Updated January 13, 2026 19:04

kb: how-to Plesk for Linux ABT: Group A

Applicable to:

Plesk for Linux

Question

How to allow access to a website directory from specific IP address in Plesk?

Answer

Using Plesk GUI

If Reverse Proxy Server (nginx) is enabled in Tools & Settings > Services Management and PHP handled by Apache in Domains > example.com > PHP Settings:
1. Log into Plesk.
2. Open Domains > example.com > Apache & nginx Settings.
3. Disable Serve static files directly by nginx.
4. Add the following in Additional directives for HTTP/S section, where 203.0.113.2 is the IP address from which access to a directory should be allowed.:
  
  CONFIG_TEXT: <Location "/exampledirectory">
  Order Deny,Allow
  Deny from all
  Allow from 203.0.113.2
  </Location>
If Reverse Proxy Server (nginx) is enabled in Tools & Settings > Services Management and PHP handled by nginx in Domains > example.com > PHP Settings, where 203.0.113.2 - IP address from which access to a directory should be allowed:
1. Log into Plesk.
2. Open Domains > example.com > Apache & nginx Settings.
3. Add the following in Additional nginx directives section:
  
  CONFIG_TEXT: location / {
  try_files $uri $uri/ /index.php;
  }
  location ^~ /exampledirectory {
  allow 203.0.113.2;
  deny all; location /exampledirectory/ {
  index index.php; }
  location ~ ^/~(.+?)(/.?.php)(/.)?$ { alias /var/www/vhosts/example.com/web_users/$1/$2;
  fastcgi_split_path_info ^((?U).+.php)(/?.+)$;
  fastcgi_param PATH_INFO $fastcgi_path_info;
  fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
  include /etc/nginx/fastcgi.conf;
  }
  location ~ .php(/.*)?$ {
  fastcgi_split_path_info ^((?U).+.php)(/?.+)$;
  fastcgi_param PATH_INFO $fastcgi_path_info;
  fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
  include /etc/nginx/fastcgi.conf;
  }
  }
If Reverse Proxy Server (nginx) is disabled in Tools & Settings > Services Management
1. Log into Plesk.
2. Open Domains > example.com > Apache & nginx Settings, where 203.0.113.2 - IP address from which access to a directory should be allowed.
3. Add the following to Additional Apache directives section:
  
  CONFIG_TEXT: <Location "/exampledirectory">
  Order Deny,Allow
  Deny from all
  Allow from 203.0.113.2
  </Location>

Directly on the server

Connect to the server via SSH.
Find what version of Apache Web Server is installed on the server:
- for CentOS/RHEL-based distributions:
  
  # httpd -v | grep version
  Server version: Apache/2.2.15 (Unix)
- for Debian/Ubuntu-based distributions:
  
  # apache2 -v | grep version
  Server version: Apache/2.4.18 (Ubuntu)
Check that authz_host_module is installed and enabled:
- for CentOS/RHEL-based distributions:
  
  # httpd -M | grep 'authz_host_module'
  authz_host_module (shared)
- for Debian/Ubuntu-based distributions:
  
  # apache2ctl -M | grep 'authz_host'
  authz_host_module (shared)
Create .htaccess file in the directory where access should be restricted, for example /var/www/vhosts/example.com/httpdocs/exampledirectory/.htaccess using a text editor and add the following content:
- For Apache Web Server version lower than 2.4:
  
  CONFIG_TEXT: Order Deny,Allow
  Deny from all
  Allow from 203.0.113.2
  Allow from 203.0.113.3
- For Apache Web Server 2.4 and greater:
  
  CONFIG_TEXT: <IfModule mod_authz_host.c>
  <RequireAny>
  Require ip 203.0.113.2
  Require ip 203.0.113.3
  </RequireAny>
  </IfModule>
Note: make sure to add the correct IP address to the allow list. The actual IP address used to access the site from, can be seen at https://ifconfig.co/