I run a little site that is mostly access-protected. If it is viewed from a location within the company IP, no password is needed. If viewed from outside the company firewall, it will ask for a user-id and password. However we wanted to make one subdirectory public.

After trying to add various combinations of “Allow Override” and <Directory > and Location sections to the .htaccess files, and getting nothing but server errors like “.htaccess: In /root_dir/private/ AuthType Basic AuthName “webroot” require valid-user Deny from all # inside company firewall Allow from 100.100.243 Satisfy Any In /root_dir/private/public/ Satisfy Any Allow from All