function getUserIP() {
    $client  = @$_SERVER['HTTP_CLIENT_IP'];
    $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
    $remote  = $_SERVER['REMOTE_ADDR'];

    if      (filter_var($client, FILTER_VALIDATE_IP))   {$ip=$client;}
    elseif  (filter_var($forward, FILTER_VALIDATE_IP))  {$ip=$forward;}
    else    {$ip = $remote;}
    return $ip;
} 
$ip = getUserIP();
$whitelist = array('172.18.131.26','172.18.131.254');
if(!in_array($ip, $whitelist))    {
    echo "Not Whitelisted client";die;
    // Here comes the markup for some Error Message on the page if requested from outside

} else {
    // Buisness as usual, the generic wp page loop 
    get_header(); 
    get_sidebar();
    get_footer();
}
?>