A common (good) practice is to protect your staging/dev instances with a password. It can be annoying with old browsers that don’t store passwords.
To allow your office IP to connect without entering a password, just add the following lines to your virtualhost config:
AuthName "Protected" AuthUserFile /path/to/.htpasswd AuthType Basic Satisfy Any <Limit GET POST> Order Deny,Allow Deny from all Allow from 126.96.36.199 Allow from 188.8.131.52 Require valid-user </Limit>
- replace 184.108.40.206 with your IPs.
See also Apache HTTP Server Tutorial: .htaccess files