To protect a folder in Unix/Linux using .htaccess and .htpasswd, use the following steps:
[1] Go to folder you wish to protect and create a file called .htaccess with the following info:
AuthUserFile /home/your_username/.htpasswd
AuthGroupFile /dev/null
AuthName “Restricted Area”
AuthType Basic
<Limit GET POST PUT>
require user admin
</Limit>
[2] Go to the location for your .htpasswd file (typically should be in your home area outside of the public_html folder). If the .htpasswd file does not exist, create it using the following syntax. Enter the password when asked for.
> cd /home/your_username/
> htpasswd -c .htpasswd admin
[3] Make sure your .htpasswd file is readable from the web – chmod it to 644.
> chmod 644 .htpasswd
[4] If additional users need to be allowed access to the same folder,
[4.1] add the users to the .htaccess file (edit the file mentioned in step 1):
require user admin user2 user3
[4.2] add the users to the .htpasswd file (update the file mentioned in step 3). Note that the “-c” option in step 3 is not used here. The “-c” is only used when creating the .htaccess file:
> htpasswd .htpasswd user2
> htpasswd .htpasswd user3
An excellent and easy tutorial is at: http://hoohoo.ncsa.uiuc.edu/docs/tutorials/user.html. A cached copy is here.
