Apache 2.4: Restrict access to reverse proxy by IP range, and redirect requests from all other hosts

We have a front-end proxy server that serves pages from a back-end website (both running Apache 2.4):

# Apache config snippet from frontend server
SSLProxyEngine on
ProxyPass "/blah"  "https://backend.invalid/blah "
ProxyPassReverse "/blah"  "https://backend.invalid/blah "

(In other words, accessing anything under https://frontend.invalid/blah actually retrieves the content from the back-end site. This is working as expected.) In order to do some maintenance work on the back-end site, I would now like to only allow access to the proxy (and backend site) from certain IP ranges (something like Require ip 123.123 172.20.0.0/16 (etc, for several ranges), and for all requests **not** from within these ranges, redirect those requests to a different site with a status page instead. I suspect that this will require either some fairly complicated mod_rewrite config (always a "several coffees required" task) and/or possibly use of the If and Else directives. Can anyone advise how best (or, perhaps, how simplest) to set this up?