If you must use .htaccess files you should know their limitations:
.htaccess files (or "distributed configuration files") provide a way
to make configuration changes on a per-directory basis. A file,
containing one or more configuration directives, is placed in a
particular document directory, and the directives apply to that
directory, and all subdirectories thereof.
This means you control the settings on filesystem containers rather than webspace containers, and the configuration by default applies to all subdirectories. Therefore, to achieve your goal you must place the .htaccess file to the file system path corresponding with the URL path /web/en/press-release/.
If the /web/en/press-release/ on both localhost:10004 and example.com refers to the same directory and both are served directly from the filesystem using Apache (i.e. it is not a reverse proxy), the filesystem context is a good choice. From Configuration Sections: What to use When:
Choosing between filesystem containers and webspace containers is
actually quite easy. When applying directives to objects that reside
in the filesystem always use <Directory> or <Files>. When applying
directives to objects that do not reside in the filesystem (such as a
webpage generated from a database), use <Location>.
It is important to never use <Location> when trying to restrict access
to objects in the filesystem. This is because many different webspace
locations (URLs) could map to the same filesystem location, allowing
your restrictions to be circumvented.
Instead of using mod_rewrite to control access, Apache has direct Access Control directives. Using them is more straightforward and makes your configuration easier to read and manage. The Require Directive from mod_authz_core has ip:
Require ip 192.0.2.100
Require ip 198.51.100.0/24
Require ip 2001:DB8:C0F:FEE::/64
