To do that you will need two files:

1. .htaccess (abviously)
2. .htpasswd

The .htaccess file will ensure that no one sees the content of the directory unless the good login/password (contained in .htpasswd) has been entered.

The content of the .htpasswd will look like this:

myuser:y4E7Ep8eLLk7EYV

where myuser is the login and what is after the “:” is the encrypted password.

Your .htaccess will contain these lines

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /home/pwd/.htpasswd 
AuthGroupFile /dev/null 
require valid-user

As you can see, the .htaccess point to the directory where the .htpasswd is. Avoid, as much as you can, leaving the password file on the same level as the .htaccess file.

but how do i encrypt my password ? Don’t worry, as usual, there are a lot of resources on the web that do help in the process.

Just go here and follow the instructions. And you’re done !