Apache Authentication by IP and Password at the Same Time

If you like to restrict access to a directory on your Apache web server to users from a fixed IP range without password, and the rest of the world with password authentication the httpd.conf section can look like this:

<Directory “/var/www/htdocs/protected”>
AuthType Basic

  AuthName “Protected Area”
  AuthUserFile /etc/apache/passwd
  Require valid-user

  Order deny,allow
  Allow from <your ip range>
  Deny from all

Satisfy any