We faced the following problem:
1. we want to let our clients test projects on our test webserver – using basic http authentication.
2. users from our local network should not be bothered by the username and password request
The solution we implemented:
Place a .htaccess – file in the webroot of your apache webserver with the following content:
Deny from all
AuthName "htaccess password prompt"
Allow from localhost #that would be me
Allow from 192.168.0.0/24 #suppose the ip range of your local network goes from 192.168.0.2 - 192.168.0.254
Use htpasswd to create the file AuthUserFile /path/to/your/webroot/.htpasswd and create at least one user with a password:
htpasswd -c /path/to/your/webroot/.htpasswd username
#you will be promtped for a password
1.depending on your local network configuration you want might to exclude the internal router/gateway IP from the range of IPs(192.168.0.0/24) that do not require authentication
2.of course, the apache virtualhost must be configured in such a manner that .htacces-files are evaluated. Take a look at the AllowOverride directive