diff --git a/ansible/deploy.yaml b/ansible/deploy.yaml
index 50fb69b75ef8bbfe4d3dbcf9ecb8b2b123810edb..0fa7ea0bbd9faf9a7071810caad1ec89647417f4 100644
--- a/ansible/deploy.yaml
+++ b/ansible/deploy.yaml
@@ -16,6 +16,7 @@
   - name: install python requirements
     pip: requirements=/home/ippidb/iPPIDB/ippisite/requirements.txt extra_args=--upgrade executable=pip3
   - name: collect static files
+    become_user: ippidb
     django_manage:
       command: "collectstatic"
       app_path: "/home/ippidb/iPPIDB/ippisite"
@@ -23,6 +24,11 @@
     django_manage:
       command: "runmodwsgi --setup-only --port=80 --user ippidb --group wheel --server-root=/etc/ippidb-80"
       app_path: "/home/ippidb/iPPIDB/ippisite"
+  - name: restrict access to the web server to specific IPs
+    lineinfile: dest=/etc/ippidb-80/httpd.conf 
+                regexp=''
+                insertafter=EOF
+                line='<Location '/'>\nRequire all denied\nRequire ip 10.6.108.60\nRequire ip 157.99\n</Location>\n'
   - name: copy systemd service file for IPPIDB-web
     copy: 
       remote_src: true