public function accessRules()
{
return array(
array('allow',
'actions'=>array('dashboard','manage'),
'users'=>array('admin')
'ips'=>array('127.0.0.1'),
...
# All users
array('deny','users'=>array('*')), //all actions deny from all users by default
);
}
and i want to throw "404 - Page not found" error if ips dont have such IP.
403 is the right error code in this situation. If you want something different, you need to extend CAccessControlFilter and override the accessDenied() method there. Then you have to use your custom filter class instead. To do so you can override filterAccessControl() in your base controller.