Can .htaccess be set up so it denies users based on an IP address, but even those with a friendly IP address must still log-in with a username and password?
Here's what I have so far -- but it lets the friendly IP address in without requiring username and password. I want all non-friendly IP's be shut out and friendly IP's to give me a user-name and password to enter.
AuthUserFile /path to my file/.htpasswd
AuthName "Protected Area"
<Limit GET POST>
deny from all
allow from 184.108.40.206