This method is useful for internal documents. We could deny access to anybody outside the NYU network or, for instance, allow access for only the machines in the NYU Information Technology (NYU IT) subnet.

This method requires one file - the .htaccess file. Create a .htaccess file with the following text (all on separate lines). Make sure there are no spaces between the comma after the word deny and the word allow.

Creating your .htaccess file

Restricting access based on domain required you to first create a .htaccess file. The text for your .htaccess file will differ based on how you want to restrict domain access.

  1. Follow steps to create your .htaccess file.
  2. Determine how you want to restrict domain access and customzie your .htaccess file accordingly:
    1. Allow only machines on the NYU.edu network
    2. Allow only machines on the NYU IT subnet
    3. Allow everybody except for foo.ap.nyu.edu and bar.ap.nyu.edu
  3. Test your .htaccess file.

Options for domain-based restriction

Allow only machines on the NYU.edu network

<LIMIT GET POST>
order deny,allow
deny from all
allow from .nyu.edu
</LIMIT>

Allow only machines on the NYU IT subnet

<LIMIT GET POST>
order deny,allow
deny from all
allow from .its.nyu.edu
</LIMIT>

Allow everybody except foo.ap.nyu.edu and bar.ap.nyu.edu

<LIMIT GET POST>
order deny,allow
deny from foo.ap.nyu.edu, bar.ap.nyu.edu
allow from all
</LIMIT>

Testing your .htaccess file

Remember to test out the restriction file to ensure that it is working correctly. Go to the URL of the part of your site that you've restricted and enter in the appropriate information combination. Remember, once you've logged in successfully, you'll need to quit and restart your browser in order to test again.