.htaccess – No Auth for local access/Auth for outside access
For this, we’ll throw an .htaccess file into the directory you don’t want anyone to access that’s served via apache. For this, we’ll also have to have the following set for the directory in the httpd.conf file:
Here’s what the .htaccess file should look like (with a few modifications for location and network if you need):
AuthName "Remote Auth"
deny from all
allow from 192.168.0
And then in the same directory, create the .htpasswd file by:
htpasswd -c .htpasswd username
Then when promptd, enter the password for that username. Make sure both files are owned by apache (or www-data if your webserver runs as such). Viola! It works.
(Note: To add more users that the htpasswd file, do the same command as above, without the -c)