Apache 2.4 authenticate anonymous users but allow others by IP
You only need the RequireAny
condition:
<RequireAny> and </RequireAny> are used to enclose a group of authorization directives of which one must succeed in order for the <RequireAny> directive to succeed.
<RequireAny>
Require ip 1.1.1.1
Require valid-user
</RequireAny>
As you are running Apache 2.4 you can use expressions. In your case that would be:
<If "%{REMOTE_ADDR} != '127.0.0.1'">
AuthType Basic
AuthName "Restricted area - authorised users only"
AuthUserFile usr/local/apache/passwd
require valid-user
</If>
CIDR notation is supported, too. E.g.:
<If "%{REMOTE_ADDR} != '192.168.0.0/24'">
AuthType Basic
AuthName "Restricted area - authorised users only"
AuthUserFile usr/local/apache/passwd
require valid-user
</If>