.htaccess allows by IP, password authenticates if IP does not fit

article #1574, updated 328 days ago

There are multiple methods; this is reported to be undeprecated by Apache, possibly the only undeprecated way to do this.

AuthType Basic
AuthName "myserver publicname"
AuthUserFile "/myserverpath/.htpasswds/public/passwd"
require ip 11.12.13.14
require ip 11.12.13.15
require valid-user

Categories: