I have (maybe silly) question regarding the apache2 webserver and security - I am trying to archieve this: Users connecting from 192.168.1.24 not to be prompted for password and allowed Others asked for username and password if correct then connect. I am trying to do this for the whole directory /var/www

No matter whether I put the code into .htaccess file or in httpd.conf it doesn't work for me.

Order deny,allow 
Deny from all 
AuthName "PassRequest" 
AuthType Basic 
AuthUserFile /var/.htpasswd 
Require valid-user 
Allow from 192.168.1.24 
Satisfy Any

If I try to connect to the page I am allowed from both the allowed IP or any other, If I remove the satisfy any line then I am prompted for password, if I remove the password too and try to connect from different IP I am NOT REFUSED ... is there some module that needs to be activated or why is the IP directive skipped ?

It needs to be put in every folder or /var/www/.htaccess is enough ? can I just put it in httpd.conf instead or not ??

I spend last 4 hours trying to google up why it is acting like that, Any help will be highly appreciated :-))