The first time I built a React app on Laravel, most of my time was spent simply building out the infrastructure related to authentication (login, registration, password reset, etc).
With a server rendered app, Laravel generates the authentication boilerplate for you. But for a 100% React frontend, all these pieces need to be built custom: an auth API (with JSON web tokens), routing, forms and form validation, persistent storage, and tests. There’s also aren’t many tutorials or example projects that show how it all works together.
I recently developed an internal website for our company that wanted to be accessible to employees only. Instead of having a server level password, or individual WordPress logins, we decided to just limit access to by IP address. This way everyone on the office network could access easily, but outside the network they would get an access denied message.
We use WP Engine for hosting, but IP whitelisting or blocking should work with any host.
One quick method to set this up is by editing the .htaccess file directly (this should be in the base folder of your WordPress directory) and add the 3 lines at the top of this codeblock:
You’ll want to change the IP address in the example (98.6.000.111) to the IP you want to whitelist. You can also whitelist multiple IP addresses by just adding more below that line.
An easier option (in my opinion) is to use the Restricted Site Access plugin, maintained by the folks at 10up. This plugin provides you with a dashboard to set up the IP restrictions, and also allows you to set a custom restriction messages or redirects.