Use .htaccess to restrict external access to my Intranet

Question

I'm sure this is possible, but its beyond my meager abilities with .htaccess files.

We have an internal php app that we use, we have basic security internally, but dont need to worry too much. I would like to make it available online for use when staff are out and about. I would like to have additional security based on htaccess or htpassword files.

Is it possible to write a htaccess file that does the following

• If user is accessing from office.mydomain.com it means they are internal (office.mydomain.com resolves to an internal ip like 192.168.22.22) so allow unimpeded access
• If the user is accessing from outside it will be external.myoffice.com - if this is the case as an added bit of security I would like to use .htaccess and a password file to get the user to enter an apache password.

Can anyone tell me how to write this with .htaccess file?

Update: Thanks for all the answers, I have posted what worked for me as an answer to help others.

Answer 1

You can use

RewriteCond %{REMOTE_ADDR} !^192\.168\.

to specify the condition of an external IP, or use

RewriteCond %{REMOTE_ADDR} ^192\.168\.

for the condition of a local IP.

You will just have to integrate these into your existing htaccess rules in a sensible way.