I am new at apache security, but I think I understand how access controls work. I am trying to restrict access to a virtual host to only computers with specific IP addresses. The application is Surftrackr, I have setup its own virtual host (surftrackr.domain.com), below are the default files for the virtual host and .htaccess. This would allow any host access the site surftrackr.domain.com, which is not what I want. From what I read the 'AllowOverride All' tells apache to read the .htaccess access controls, I changed the .htaccess to the following. Doing the above denies me from any client, even 10.2.2.229. The way the network is setup here is that 10.2.0.0/255.255.0.0. What I am wondering is if apache is thinking the IP 10.2.2.229 is a class A, therefore its still blocking the specified IP address. Please help!!! Thanks in advance!!!