Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security

Temporary PHP Redirect: Allow Multiple IP Access and Redirect Everyone Else

[ Image: Abstract Mathematical Diagram ] In my previous article on temporarily redirecting visitors during site updates, I present numerous PHP and HTAccess methods for handling traffic during site maintenance, updates, and other temporary periods of downtime. Each of the PHP methods presented in the article allow for access from a single IP while redirecting everyone else. In this article, we modify our previous techniques to allow access for multiple IP addresses while temporarily redirecting everyone else to the page of our choice. Plus, while we’re at it, we’ll explore a few additional ways to adapt and use the general technique.

Option One — Quick & Dirty

This is the easiest way to inform your visitors that the site is temporarily unavailable. Especially useful for quick site updates, this code will return a “503 Service UnavailableHTTP status code to the client device while displaying a customized message informing visitors that a site update is in progress. Simply edit the following code with the allowed IP addresses and place at the very beginning of your header.php file:

<?php $allow = array("123.456.789", "456.789.123", "789.123.456");

if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {

	$retry = 60 * 60; // = 60 minutes

	header("HTTP/1.1 503 Service Unavailable");

	header("Retry-After: $retry");

	echo "<h1>Site update in progress - Please return in 60 minutes!</h1>";

	exit();

} ?>

Here are the items you should customize for the previous code to function properly:

  • Edit the value for the “$allow” variable in the first line to include the various IP addresses for which you would like to allow; all other IPs will receive the update message and accompanying status code.
  • Edit the value of “$retry” variable in the third line to reflect the amount of time that should transpire before the client/visitor should revisit your site.
  • If desired, edit the temporary “maintenance message” in the sixth line with whatever text, markup, or script you wish.

Option Two — Full Meal Deal

This method is more flexible in that it provides a temporary redirect to an alternate location. This is useful when you would like to send your visitors to a completely customized maintenance page or to a preexisting page on a different domain. As before, this method also delivers a “503 Service UnavailableHTTP status code to the client and instructs a revisit after the specified period of time. To throw it down, first edit the next code block according to the list below and place at the top of your header.php file:

<?php $allow = array("123.456.789", "456.789.123", "789.123.456");

if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {

	header("Location: http://domain.tld/path/custom.php");

	exit();

} ?>

..then, edit and paste this code into the top of your customized maintenance page (e.g., custom.php):

<?php $retry = 60 * 60; // = 60 minutes

   header("HTTP/1.1 503 Service Unavailable");

   header("Retry-After: $retry");

?>

Here are the items you need to customize for the previous method to function properly:

  • Edit the value for the “$allow” variable in the first line to include the various IP addresses for which you would like to allow; all other IPs will receive the update message and accompanying status code.
  • Edit the “("Location: http://..)” in the third line to reflect the location of your customized maintenance page.
  • Edit the value of “$retry” variable in the third line to reflect the amount of time that should transpire before the client/visitor should revisit your site.

Option Three — Combo Pack

Our third method for redirecting site visitors during updates and maintenance is somewhat of a hybrid of the first two methods. As before, we are redirecting visitors to an alternate location, only this time we are replacing the content of the target maintenance page with an informative message. This option provides yet another degree of flexibility by enabling you to redirect and replace content on the fly. To set it off, edit and drop this first code chunk into the top of your header.php file:

<?php $allow = array("123.456.789", "456.789.123", "789.123.456");

if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {

	header("Location: http://domain.tld/path/custom.php");

	exit();

} ?>

..and then edit (if needed) and slap this bad boy at the beginning of your target page (i.e., custom.php):

<?php $retry = 60 * 60; // = 60 minutes

	header("HTTP/1.1 503 Service Unavailable");

	header("Retry-After: $retry");

	echo "<h1>Site update in progress - Please return in 60 minutes!</h1>";

	exit();

?>

Here are the items you need to customize for the previous method to function properly:

  • Edit the value for the “$allow” variable in the first line to include the various IP addresses for which you would like to allow; all other IPs will receive the update message and accompanying status code.
  • Edit the “("Location: http://..)” in the third line to reflect the location of your customized maintenance page.
  • Edit the value of “$retry” variable in the third line to reflect the amount of time that should transpire before the client/visitor should revisit your site.
  • If desired, edit the temporary “maintenance message” in the sixth line with whatever text, markup, or script you wish.

Additional Ideas and Implementations

While thinking of different ways to use this PHP redirect technique, the first thing that comes to mind is a PHP variation of this HTAccess method for redirecting select visitors to alternate pages. To do this, we need to modify the second line of the second method as follows:

<?php $deny = array("123.456.789", "456.789.123", "789.123.456");

if(in_array($_SERVER['REMOTE_ADDR'], $deny) || in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $deny)) {

	header("Location: http://domain.tld/path/alternate-page.php");

	exit();

} ?>

As before, edit that code and place it into into the header of any page(s) for which you would like to restrict access. Keep in mind, however, that this time the IP addresses listed in the array are being blocked. After editing the IP array, simply change the header location in the third line to whatever alternate URL you wish.

Other ideas for this code involve using the code to blacklist an array of IP addresses from site access. You could also use this code to selectively allow certain IPs to various target pages on your site. The take home message here is that this general technique enables you to redirect, restrict, or allow access in a selective manner for any number of pages or directories throughout your site. If you have alternate methods or ideas for implementation, please share by leaving a comment below. Cheers!

About the Author
Jeff Starr = Web Developer. Book Author. Secretly Important.
Digging Into WordPress: Take your WordPress skills to the next level.

13 responses to “Temporary PHP Redirect: Allow Multiple IP Access and Redirect Everyone Else”

  1. Andrew Roberts 2012/03/09 9:12 pm

    I just need to redirect for all but two IP’s. This works for me:

    # MAINTENANCE-PAGE REDIRECT
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REMOTE_ADDR} !=1.222.333.44
    RewriteCond %{REMOTE_ADDR} !=555.666.777.8
    RewriteCond %{REQUEST_URI} !^/comingsoon\.html$
    RewriteRule .* /comingsoon.html [R=302,L]
    </IfModule>

    Any reason not to use that?

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
SAC Pro: Unlimited chats.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.