I figure this can be done with htaccess but I am unsure how. Third-party payment processors for the site includes a generic response handler that determines the payment approach to process. Reactions from all of these payment processor are passed via Publish/GET following a redirect using their server. This provides us the responsibility to make sure that the information passed to the response handler indeed came from from the valid payment processor site. The Way I make this happen using htaccess? BTW, I am using PHP if just in case htaccess isn't enough for that solution.

Note: This is the way the response handler URL appears like

http://www.mydomain.com/seo-something-something-payment-callback.html?foo=bar&winnie=thefoo

or perhaps a Publish equivalent.

Thanks in advanced.

When the Ip is constant, you can just produce a section inshtaccess and just permit the given Insolvency practitioners/subnets to gain access to the contents, e.g.

<Directory "/some/dir">
Order Deny, Allow
Deny from All
Allow from 1.2.3.4
</Directory>

Otherwise, you can just look for $_SERVER['REMOTE_ADDR'] variable and match up against the valid address.