Yes, we can restrict files on intranet from outer world.
I am giving you live example here:
when you are working with a multi-environment setup that is synced via a version control system such as Git or Subversion, you need a way to keep your development environments locked down while allowing access to your public environment.
Below is some text that you will input into a .htaccess file placed in your webroot
#allows a single uri through the .htaccess password protection
SetEnvIf Request_URI "/testing_uri$" test_uri
#allows everything if its on a certain host
SetEnvIf HOST "^testing.yoursite.com" testing_url
SetEnvIf HOST "^yoursite.com" live_url
Order Deny,Allow
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /path/to/your/.htpasswd
AuthGroupFile /
Require valid-user
#Allow valid-user
Deny from all
Allow from env=test_uri
Allow from env=testing_url
Allow from env=live_url
Satisfy any
so in the above code the "testing_uri" part could be if i only wanted to allow this url through my htaccess protections (useful for paypal pings) ex "http://mysite.com/paypal/ipn"
The host part is to allow anyone through if they are requesting the code from a specific domain such as "testing.yoursite.com". If it is "development.yoursite.com" it will not allow the user through.