Password protecting Apache Site for external users only

In order to make an intranet an extranet, you need to place the intranet on a server in the DMZ.
From here, configure a virtual server accordingly (e.g.

You will need to configure on an internal DNS (or smoothwall /etc/hosts when using a webproxy) a reference to

Your global DNS for should not have intranet specified. This should be invalid in some way. For example in my sites, I have a catch all domain that is an and with wildcard DNS, any invalid domain URL’s in the * go here. For example, try

Now, within your Apache Httpd conf VirtualHost directive you need to add the following.

<Directory "/home/intranet/www">
  Options Indexes

  Order deny,allow
  Deny from all
  Allow from 192.168.100
  Allow from 10.1.1
  Require valid-user
  Satisfy any

  AllowOverride AuthConfig
  AuthType Basic
  AuthName "Administration Access Only"
  AuthUserFile /home/intranet/.htaccess

You just need to create the appropiate .htaccess file, and restart Apache httpd. Access from the internal network is allowed via IP, and everything else must use the authentication model used.

To setup external access, I created a sepearate subdomain called extranet. To further restrict this past basic access, I configured to to connect to the firewall only on port 81, and then had a rule to redirect to port 80 on the DMZ machine.

So what I ended up with was: internally accesses the intranet. externally redirects to a custom invalid/unknown subdomain page throws a browser not error prompts for a username/password to access intranet.