A couple of months ago, I was looking for a way to restrict a development site in such a way, that while people were at work (where we have a static IP), and then require a .htpasswd file for everyone outside.
Well, it was actually kind of simple. After you've got your .htpasswd file set up, just throw this inside your vhost
AuthName "Change This" AuthUserFile /path/to/.htpasswd AuthType Basic Satisy Any <Limit GET POST> Order Deny,Allow Deny from all Allow from 126.96.36.1999 Require valid-user </Limit>
For your environment, you should change the AuthName, the AuthUserFile, the Limit (maybe, GET and POST might be enough), and the IP (188.8.131.529).
Change out the variables for what your environment requires, and you should be all set.