Apache 2.4 authenticate anonymous users but allow others by IP

You only need the RequireAny condition:

<RequireAny> and </RequireAny> are used to enclose a group of authorization directives of which one must succeed in order for the <RequireAny> directive to succeed.

<RequireAny>
    Require ip 1.1.1.1
    Require valid-user
</RequireAny>

As you are running Apache 2.4 you can use expressions. In your case that would be:

<If "%{REMOTE_ADDR} != '127.0.0.1'">
  AuthType Basic
  AuthName "Restricted area - authorised users only"
  AuthUserFile usr/local/apache/passwd
  require valid-user
</If>

CIDR notation is supported, too. E.g.:

<If "%{REMOTE_ADDR} != '192.168.0.0/24'">
  AuthType Basic
  AuthName "Restricted area - authorised users only"
  AuthUserFile usr/local/apache/passwd
  require valid-user
</If>

Apache 2.4 authenticate anonymous users but allow others by IP

Tags:

.Htaccess

Flask

Apache 2.4

Related

Recent Posts