I have a section on a website that blocks access to all IPs, except for those that are whitelisted. For IPv4, this is very simple, because even with dynamic IPs, they generally won't changed for months, or even years.
However, with IPv6, these seem to alternate every 24 hours or so. This means that I can't simply whitelist the initial IPv6 IP and call it good, because it'll just change again too quickly. Therefore, I need to whitelist a whole range. Even after reading about and testing IPv6 over the past couple of days, I'm still not confident I've got a handle on it.
Here's what I've got:
order deny,allow
allow from 1234:123:4567:ab1::/64
deny from all
The first 4 sections of the IP address never change, but the last 4 sections constantly change. Is this the correct way to whitelist an individual's IP in this context?