Apache2 recognizes my ip address diffrently from my ip address

Question

I want only my IP address or specific IP addresses to access a specific page.

For now, I set up my ip address xxx.xxx.xxx.xxx in .htaccess file to allow access only my ip address like below. (this IP address is the value from https://www.myip.com/)

<Files wp-login.php>
order deny,allow
allow from xxx.xxx.xxx.xx
deny from all
</Files>

after I saved .htaccess file, I ran following command.

sudo service apache2 restart

and when i visited MYPAGE/wp-login.php, i could see the message like, "Forbidden You don't have permission to access this resource.".

so, I checked /var/log/apache2/error.log file. There was an error log with [access_compat:error] [pid 12018] [client 172.aa.a.aaa:aaaaa] AH01797: client denied by server configuration: /var/www/html/wp-login.php

This value here 172.aa.a.aaa:aaaaa is not same with my IP address. Where does this address come from? and how can I know which value of other IP address'?

and.. Is there any way to allow IP addresses which is obtained from https://www.myip.com/ with apache2?

Thank you for reading my question, and I would really appreciate if you could help me.

Answer 1

The IP address you see from https://www.myip.com/ is yours as seen from the Internet.

If your machine and the server hosting MYPAGE/wp-login.php is located behind a proxy/firewall (e.g. inside a local network), then your local IP address will be different.

You can find your local IP address by using ifconfig command (or ipconfig if you are on a Windows machine).

EDIT: since the IP address logged in error.log is varying, you cannot use IP address restriction here. Therefore, Using .htaccess and htpasswd would be more appropriate to secure your login page. You can find an example here.