I have to apply HTTP auth just in public places utilization of website, however i dont put it on on my small localhost. This really is my .htaccess I believe should work however it dont work - still it request me for user/pass.
What shall we be held doing wrong?

SetEnvIf Remote_Addr ^127\.0\.0\.1$ develmode
<IfDefine !develmode>
    AuthType Basic
    AuthName "ADMIN"
    AuthUserFile /path/to/.htpasswd
    Require valid-user
</IfDefine>

mod_setenvif is obviously enabled

You have to consider the order and satisfy key phrases. Working example from the website is below. First we tell that people accept either the IP or USER. Only then do we define htpasswd file path which we accept any valid user from that file. Finally we define which client IP addresses can access our web without auth (we deny other Insolvency practitioners, to ensure that they have to auth via htpasswd).


# permit by USER  IP

Satisfy any

# USER

AuthUserFile /var/www/munin/.htpasswd

AuthGroupFile /dev/null

AuthName "Password Protected Area"

AuthType Fundamental

require valid-user

# IP

order deny,allow

deny all

allow from 11.22.33.