How can I password prompt certain IPs and allow all others free access using Apache?
Just add 'allow from myiprange' or 'allow from myinternalnetwork.com'. The 'Satisfy any' will require either a valid-user or the allow from.
See: Authentication, Authorization, and Access Control
Generally the default config has unrestricted access for everyone
<Directory "/home/web/htdocs">
Order allow,deny
Allow from all
</Directory>
Then you must force authentication for your restricted area by denying all, then allowing just those subnets, followed by any requirements for how they actually would authenticate. Satisfy all is used to insure both policies of access are required.
<Directory "/home/web/htdocs/restricted">
Order Deny,Allow
Deny from all
Allow from 58.240.0.0/15
Allow from 58.242.0.0/15
Require valid-user
Satisfy all
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/web/.htpasswds/.htpasswd
Require valid-user
</Directory>
Caveat!
Every single time I think I understand the rules for how authentication works, I have to futz with the config repeatedly until I get some nuance correct. Use this only as a starting point. Re-read the apache documentation on mod_auth and mod_access in particular, paying special attention to the Order directive. Therein lies your answer.
Hope this helps, and please post your working example if it doesn't match this one, as this is a pretty good recipe to have in an apache cookbook.
--edit--
Testing the above shows that restricted area is forbidden to all except for those from the IP address, who must provide authentication.
It is not clear from your question if users from other IPs need unfettered access to this 'restricted area' or if they are simply forbidden?
This is the code I use to allow all users, deny the ones form China and password prompt those:
AuthType Basic
AuthName "Restricted"
AuthUserFile /home/.htpasswds/.htpasswd
Require valid-user
Order Allow,Deny
Allow from all
deny from 58.14.0.0/15
....
deny from 222.249.192.0/18
satisfy any