Tip: Protecting Apache Files/Directories with Passwords

[Warren Togami]

http://www.linuxsecurity.com/tips/tip-8.html

This is a short guide showing the basic method of protecting directories or
files in Apache, so that they would require a username and password for
access via a web browser.

This method is not perfect and vulnerable to brute force cracking because
Apache doesn't reject connections, but it works well enough for most people.
If you want some real security, you should use SSL encryption, and PHP or
perl server side scripting to do the web authentication with IP ban
rejection after several wrong password attempts.