.htaccess Allow from IP or Domain not working
I have a hosted web site and do not have access to the Apache server level or vhost or httpd.conf.
I have an .htaccess in my root folder with a mime directive. I have a subfolder called "/secure". In that folder I have another .htaccess file and an .htpasswd file. I also have a page that allows a download of a .msi file once the user registers. I am trying to protect that page from the general user browser while allowing the site navigation to link to the page once the registration POST is completed correctly (driven by a PERL script).
However, no matter how I access the page (either through the browser or from the correct navigation using a "Go to download" button), I receive a Windows Secure window requesting a user id and passwrod. If I key in the user id and password, the download window displays.
I can't seem to find the combination to allow the page with the button to open the secure page without the Windows Secure window.
The .htaccess code in the "/secure" folder is:
# Begin password protection #
AuthName "Username and password required!"
Deny from all
Allow from localhost
Allow from 220.127.116.11
Allow from msprdev.net
Allow from paypal.com
Allow from google.com
# End password protection #
Any suggestions would be most helpful. If I put in the following in any of the two .htaccess files, I receive an Internal Server error.
Thanks for your attention.