You would not normally want to password protect a complete website since doing so would deny casual visitors the ability to gain a flavour of its contents. However you might want to restrict access to part of the site - for example a particular folder.
To password protect a particular folder in your webspace, follow these steps:
Enter the username and password you want to be use in the boxes on the left and click Submit
You'll see the username you entered appear in the list on the right-hand side
If you want to add more, do so and click Submit after each one
Once you've finished, leave the Username & Password boxes blank and click Submit
You'll now see a box that shows each username you entered, followed by an encrypted version of their passwords.
It'll look something like this:
Copy & Paste this into a new file in your text editor and save it as htpasswd.txt
3. Upload the files and edit permissions
Connect to your webspace, go to the folder you want to password protect, and upload both files to this folder. If necessary - usually it won't be - use your FTP program to change access permissions - sometimes called CHMOD - for both files htaccess.txt and htpasswd.txt to 644(File Owner: read & write, group & public: read only). CHMODing the files offers security by preventing other users from altering your files.
4. Rename the files
The final step is to rename the two files as follows - note the leading full stop:
Rename htaccess.txt to .htaccess
Rename htpasswd.txt to .htpasswd
The files will disappear the next time you refresh, if you need to edit or remove them you'll need to use an FTP program that allows you to see hidden files such as FileZilla. If you're not sure how to do this, there's a step-by step guide here. That's it! If it's worked, you'll be asked for a username and password the next time you browse to the protected folder. Note: if you get a 500 internal server error message it is likely that the fully qualified file-system path to .htpasswd you entered in the .htaccess file is incorrect. Did you make the correct substitutions after copying the model text? Note2: This protection can also be set up on CGI. To obtain the file-system path for AuthUserFile run the following script in the folder to be protected: