Not all websites are intended to be accessible to the general public. Aerobatic specializes in providing you a choice of robust solutions for locking down your site to authorized users only.
- Password protect plugin - Simple password that you distribute to people that need access.
- Auth0 Plugin - Full featured identity management that allows signups and individual user accounts powered by Auth0.
- Client IP ranges - Make your website accessible only to clients coming from specific IP ranges
Client IP Ranges
You can lock your website down so that it is only accessible to specific IP ranges. Ranges can be set as one or more IPs or CIDR blocks. IPv6, IPv4, and IPv4-mapped over IPv6 addresses are all supported. There are numerous online IP converters that will provide CIDR values given an IP range.
The IP range is set using the CLI clientip command. For example, say you want to restrict access to clients with IPs between
220.127.116.11. Input those values into the converter above, and the following CIDR values are returned:
18.104.22.168/32. Then use the following CLI command to set the ranges:
Using this command you can change the ranges, or remove the IP restrictions at any time without having to re-deploy your site. It takes at most 30 seconds from the time you issue to the command to when it starts to take effect.
To remove all IP restrictions, you can use the following command:
403 Error Page
Visitors whose IP address falls outside the specified ranges will receive an HTTP
403 error page that looks like so:
Custom error page
With the custom-errors plugin you can build your own custom
403 error page to display instead.
plugins: - name: custom-errors options: errors: 403: 403.html
Stage specific restrictions
You can also use IP ranges to restrict access to only specific deploy stages. This is a great solution for limiting access to the test instance of your site even when the production URL is wide open to the public. That way you don't have to worry about anyone randomly stumbling across your test site. Simply append the
--stage option to the CLI command:
My IP Shortcut
Oftentimes it's handy to lock the site down to your current machine's IP address. To save you from having to go look it up in your network settings, we provide an easy shortcut. Simply pass the string "myip" for the
You can of course use this shortcut in conjunction with the