Added password protection for any access other than localhost or local subnet. I'll remove the domain checks at some point, as we always want an authenticated user for at least determining user settings, if nothing else.

git-svn-id: file:///svn-source/pmgr/branches/pre_0.1_work_20090819@785 97e9348a-65ac-dc4b-aefc-98561f571b83

site/.htaccess

@@ -2,4 +2,24 @@
     RewriteEngine on
     RewriteRule    ^$    webroot/    [L]
     RewriteRule    (.*) webroot/$1    [L]
- </IfModule>
+ </IfModule>
+
+# Lets deny everyone -- its a clean slate!
+order deny,allow
+deny from all
+
+# Now allow local access
+# Localhost
+allow from 127.0.0
+# Local subnet
+allow from 192.168.7
+
+# Provide a mechanism for user authentication
+AuthType Digest
+AuthName "Property Manager"
+AuthUserFile "D:/Website/auth/pmgr.htpasswd"
+Require valid-user
+
+# Instead of satisfy all (too restrictive)
+# This allows EITHER local domain OR authenticated user
+satisfy any