Hi I want to secure admin login page with IP whitelist by using .htaccess file for apache. .htaccess file has rule like below, so that only below IP can access the ISPconfig admin login page Order Deny,Allow <Limit GET HEAD POST> Allow from xx.xx.xx.xx </Limit> But I don't know where to put the .htaccess file, where the path? will it break ISPconfig from working properly? thanks, Sky
I believe /usr/local/ispconfig/interface/web/; I don't know offhand if a .htaccess file there will survive a future ispconfig update. No, that should work fine to limit access. About the only issue that comes to mind to consider is the remote api, as you would need to allow access to that if you use it (eg. via roundcube ispconfig plugin on a remote server or similar).
