Trying to block IP from accessing website, cant undo

SYSTEM INFORMATION
OS type and version REQUIRED
Webmin version REQUIRED
Virtualmin version REQUIRED
Webserver version REQUIRED
Related packages SUGGESTED

Dear sirs,
pls help:

What I’m trying to do:

I have a VMIN server with 5-websites, and a public NIC. Everything is working fine.
I’m trying to figure out how to totally block outside access to just 1-website from the internet and allow only a range/several IPs.

On my test server in my local LAN, where I setup a couple of websites:
I went to Virtualmin >> virtual-server name >> services >> configure website
clicked on Directory /home/xyz/public_html >> Access control
action: deny >> request from IP >> then I added the IP of a test(static) PC
save >> apply changes,
etc

Tried accessing from a PC with above IP, the site in question is now blocked.
It shows forbidden: you dont have permission to access this resource.
This is what I want to happen.
Note: other sites on the same server are still opening, ip resolving, etc.

Problem: how can I undo the above:
Now I want to undo what I just did, so I went back there, removed the IP,
action: allow all requests >> save >> apply changes
reloading the same url is giving error that its still “Forbidden: you dont have permission to access this resource”

I have rechecked the access control interface, the IP(which I listed for deny) is not listed anywhere.
I have even rebooted my test server and cleared browser cache, same thing, URL is still forbidden.

How can I undo what I did, allow access to the 1-website which I denied access to before. It seems allowing access is not to be done in the same interface where I denied access

regards
ToK

No personal experience but a quick search shows this answer:

For Apache 2.4, you would use the Require IP directive. So to only allow machines from the 192.168.0.0/24 network (range 192.168.0.0 - 192.168.0.255)

<VirtualHost *:80>
    <Location />
      Require ip 192.168.0.0/24
    </Location>
    ...
</VirtualHost>
1 Like

Make sure there are no lingering deny rules in the Apache configuration files. You can check the specific virtual host file for the website in /etc/httpd/conf.d/ or /etc/apache2/sites-available/ (depending on your OS).