Issue
I've built a Django social media-type website that will run on a Debian server using Apache. I'd like to deploy the site to my production server but restrict access so that only I can see the site while I'm checking that everything is working properly. What are some good ways to restrict access? Do you put up a front page that requires a password before getting to the actual site homepage itself? Or perhaps create a special firewall rule?
Also, what if you have two separate and distinct public websites that will be hosted on the same server? Does that change your options?
Solution
You can redirect all IP's to a static page (under construction) and just allow your IP to access the site. Below is the code which you need to put in .htaccess or in httpd.conf:
RewriteBase /
RewriteCond %{REMOTE_ADDR} !^1\.1\.1\.1 # where 1.1.1.1 is your IP
RewriteCond %{REQUEST_URI} !^/under_construction\.html$
RewriteRule ^(.*)$ http://my-site.com/under_construction.html [R=307,L]
Put under_construction.html somewhere in your project templates and define an Alias to serve this template in apache.
Answered By - Aamir Adnan