I password protected my dev site using these steps:
- I created a .htaccess file in the to-be-protected folder with the following directives:
AuthType Basic AuthName "Restricted Area" AuthUserFile /path/tosite/.htpasswd Require valid-user
- I created a .htpasswd file in /path/tosite/ as pointed by AuthUserFile directive above. The .htpasswd file should contain a salt of your username and password. Use the htpasswd-generator to generate the content of your .htpasswd file.
You can see this in action in my dev site.
Stackoverflow – Password Protect My Website