meta data for this page
Translations of this page:

Access control to phpList admin pages

This article describes ways of limiting access to the administrative pages beyond the standard username and password login system.

Using Apache rewrite module

Configure Apache to block access to all admin pages (only public pages are accessible):

Options -Indexes
<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{REQUEST_URI} ^/phplist/admin
	RewriteCond %{REQUEST_URI} !^/phplist/admin/ui
	RewriteCond %{REQUEST_URI} !^/phplist/admin/js
	RewriteCond %{REMOTE_ADDR} !=x.x.x.x
	RewriteRule ^(.*)$ - [R=403,L]