.htaccess Require Password Protection From Certain IP Addresses

I was recently wanting to password protect my development server running Apache2 using .htaccess, but I was getting annoyed by having to enter a password while I’m at the office, or having my boss enter a password when I’m showing him what I’m working on. I recently found how to require password protection for IP addresses outside of our local network. I knew I could allow or deny certain IP address but I didn’t know I could permit access by IP or user authentication. This is my .htaccess file. You’ll have to setup your own .htpasswd file for authentication.

AuthType Basic
AuthName “Development Site”
AuthUserFile /path/to/.htpasswd
Require valid-user
Deny from all
Allow from 192.168.1
Satisfy Any
The Satisfy Any is the key. That allows the user through if they satisfy the Require valid-user or Allow from 192.168.1 directives. Now when I bring up the development site at the office it lets me right through, and from home or if anybody else outside of our office tries to access it, it asks for a password.

Leave a Reply

Your email address will not be published. Required fields are marked *