Since you have access to the server config, you can create a RewriteMap (part of mod_rewrite) that references your text file of IP addresses. You can then look up IP addresses in this rewrite map using mod_rewrite. The RewriteMap itself needs to be defined in the server config, but it can be called from anywhere (e.g. .htaccess).
For example:
Your text file of IP addresses... key/value pairs separated by a space. You don't need to include the actual team member's name (it's not used in the lookup), but it might be useful. Just some text value that is not "DENY" (since this is used later as the default value in the lookup). All values could be the same if you want.
# /path/to/file/allowedips.txt
# IP addresses to allow access
1.1.1.1 Bob
2.2.2.2 Alice
3.3.3.3 Frank
4.4.4.4 Joe
In the server config you define the RewriteMap:
RewriteMap allowedips "txt:/path/to/file/allowedips.txt"
Call the rewrite map in .htaccess (or server config) to block access:
RewriteEngine On
RewriteCond ${allowedips:%{REMOTE_ADDR}|DENY} =DENY
RewriteRule ^ - [F]
DENY is simply the default value returned when the IP address is not found in the rewrite map.
The F flag triggers a 403 Forbidden response.
You need to restart Apache after making changes to the server config (i.e. when you define the RewriteMap), but you do not need to restart the server when you simply update the text file containing the list of IP addresses.
order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx
allow from yyy.yyy.yyy.yyy
allow from zzz.zzz.zzz.zzz
The Order, Deny and Allow directives are formally deprecated on Apache 2.4. The Apache 2.4 equivalent is Require. However, this does not have the ability to read IP addresses from a file. You can read the entire contents of a file using an Apache expression and parse this against a regex, but a RewriteMap (as mentioned above) would be more efficient. However, this would still be a solution if you didn't have access to the server config.
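An added example (not part of the original answer): a small Python lint for the allowedips.txt map file described above, which flags entries that the DENY default lookup would not treat as intended and mirrors the allow/deny decision of the RewriteCond. The function names and sample data are constructed, and it assumes REMOTE_ADDR is presented in canonical text form.

```python
import ipaddress

DEFAULT = "DENY"  # default value from ${allowedips:%{REMOTE_ADDR}|DENY}

# Constructed sample map file (illustrative entries only).
SAMPLE = """\
# IP addresses to allow access
1.1.1.1 Bob
2.2.2.2 Alice
3.3.3.3 DENY
10.0.0.0/8 Office
2001:DB8::1 Frank
4.4.4.4
2.2.2.2 Alice-laptop
"""

def parse_map(text):
    """Return (entries, problems) for the body of a txt: map file."""
    entries, problems = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        key = parts[0]
        if len(parts) < 2:
            problems.append((n, key, "no value after the key"))
            continue
        try:
            canonical = str(ipaddress.ip_address(key))
        except ValueError:
            # Keys are looked up as exact strings, so a CIDR range never matches.
            problems.append((n, key, "not a single IP address"))
            continue
        if key in entries:
            # This lint keeps the first entry and flags the rest for review.
            problems.append((n, key, "duplicate key"))
            continue
        if canonical != key:
            # Assumption: the client address arrives in canonical text form.
            problems.append((n, key, f"not canonical, expected {canonical}"))
        if parts[1] == DEFAULT:
            problems.append((n, key, "value equals the default, client is denied"))
        entries[key] = parts[1]
    return entries, problems

def is_allowed(entries, remote_addr):
    """Mirror the RewriteCond: deny when the lookup result equals DENY."""
    return entries.get(remote_addr, DEFAULT) != DEFAULT
```

Running parse_map over the file before deploying an update catches a listed address that would still receive a 403.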