.htaccess file for LDAP and IP restriction
I get asked to set up "secure" directories on a daily basis, for various individuals. The requests range from restricting access by IP address to specific usernames, and sometimes a combination of things. Here is my "skeleton" access snippet that I use so I don't have to memorize it or keep hitting Google for it.
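```apache
# Default: deny everyone; the Allow line and/or the auth block below open access back up.
Order deny,allow
Deny from all
# LDAP authentication (uncomment to enable)
#AuthName "Authentication"
#AuthType Basic
#AuthBasicProvider ldap
#AuthLDAPBindDN "cn=binduser,cn=Users,dc=institute,dc=com"
#AuthLDAPBindPassword "changeme"
#AuthLDAPURL "ldaps://ldap:686/cn=Users,dc=institute,dc=com"
#Require ldap-attribute someattribute=somevalue
#Require valid-user
# IP restriction
Allow from 192.168.1.0/24
# Satisfy Any: a matching IP OR a valid login is enough. Use "Satisfy All" to require both.
Satisfy Any
```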
I save this in a text file and copy/paste it whenever I need to. (OSX terminal shortcut: `cat filename | pbcopy`) In an httpd.conf file, it needs to be enclosed in a `<Directory "/path/to/secure">` ... `</Directory>` block. Uncomment or comment out the sections you need.
If you want the authentication to be secure, you'll need to redirect the non-HTTPS page to an HTTPS page, then include the directive in ssl.conf (or whichever vhost you've set up for SSL connections on :443). Otherwise, anything entered in the password prompt will go across the wire in the clear.
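The redirect-then-authenticate layout described above, as an added example that is not part of the original post. The hostname `secure.example.com`, the `/secure` URL path, and the certificate paths are assumed placeholders; the LDAP values are the skeleton's own.

```apache
# Port 80: serves no protected content, only a redirect to the HTTPS vhost.
<VirtualHost *:80>
    ServerName secure.example.com
    Redirect permanent /secure https://secure.example.com/secure
</VirtualHost>

# Port 443: the only place the password prompt is ever presented.
<VirtualHost *:443>
    ServerName secure.example.com
    SSLEngine on
    SSLCertificateFile    /path/to/server.crt
    SSLCertificateKeyFile /path/to/server.key

    Alias /secure "/path/to/secure"

    <Directory "/path/to/secure">
        # Refuse plain-HTTP requests to this directory outright.
        # With "Satisfy Any", a passing Allow line would normally override
        # an SSLRequireSSL denial; +StrictRequire makes the denial stick.
        SSLOptions +StrictRequire
        SSLRequireSSL

        # Apache 2.2-style access directives, as in the skeleton
        # (on Apache 2.4 these are provided by mod_access_compat).
        Order deny,allow
        Deny from all

        AuthName "Authentication"
        AuthType Basic
        AuthBasicProvider ldap
        AuthLDAPBindDN "cn=binduser,cn=Users,dc=institute,dc=com"
        AuthLDAPBindPassword "changeme"
        AuthLDAPURL "ldaps://ldap:686/cn=Users,dc=institute,dc=com"
        Require valid-user

        Allow from 192.168.1.0/24
        Satisfy Any
    </Directory>
</VirtualHost>
```

Because the bind password sits in this file in clear text, keep the file readable only by root and the account Apache starts as.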