I wish to safeguard some subdomains in the public. Restriction ought to be done against a whitelist of Insolvency practitioners. Infinite loop because of the redirect isn't a problem since it's not the www-domain.

I attempted this http://discussions.apple.com/message.jspa?messageID=2411725, but couldnt get results.

However did do this first

RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^123\.45\.67\.89$ [OR]
RewriteCond %{REMOTE_ADDR} !^213\.45\.67\.89$
RewriteRule ^/.* http://www.mydomain.com [R]

.. but didnt work.

What shall we be held doing wrong ?

You need to mix the RewriteCond directives with AND rather than OR as you would like to redirect if both the weather is true (because of this the Ip is neither X nor Y). So do this:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^123\.45\.67\.89$
RewriteCond %{REMOTE_ADDR} !^213\.45\.67\.89$
RewriteRule ^ http://www.example.com/ [R]

This type of factor is really precisely what Apache's Allow and Deny directives are meant for. Within the <VirtualHost> block for that domain you need to restrict use of, put this:

<Location />
    Order allow,deny
    Allow from all
    Deny from
    Deny from

However, this could create a 403 (forbidden) error, which does not redirect for your www domain automatically. I believe you may make it achieve this with the addition of the directive

ErrorDocument 403 http://www.example.com