It works on your local machine because you have 127.0.0.1
, which means if the request comes from the 127.0.0.1 IP (e.g. you are accessing it from your local machine) then allow the request. If you use that htaccess file on your host and you try to access the page, it's going to be your external IP, which isn't in the allow list, so you get a 403.
If you go to a service like this: http://www.whatismyip.com/ the IP address that they give you is going to be the one that is used to determine whether you can access the live_search.php
file or not. And if the IP on that page isn't in the Allow list, you will get a 403. Anyone who tries to visit live_search.php
who's IP isn't in your allow list will get a 403 result. Having the server's IP does absolutely nothing, except if someone has a browser open on the server and is browsing the page that makes the AJAX call.