How can I use htaccess to password protect a directory?

Create a file named .htaccess in your web directory that contains the following:

AuthUserFile /home/yourlogin/yourdirectory/.htpasswd
AuthName Secure
AuthType basic
require valid-user

Then in your home directory, type htpasswd -c /home/yourlogin/yourdirectory/.htpasswd pumpkin.
You will be prompted to enter a password and verify it.

This will enable you to secure the directory so that only user pumpkin can enter this directory.

To add additional id/password pairs to the file, leave off the -c, which means ‘create a new file’. For example, htpasswd .htpasswd linus. You may well want any of the user/password combinations you created in your .htpasswd file to allow access.

Note that you want to store the .htpasswd file in your home directory so it is hidden from others. The one drawback to putting your .htpasswd file in your home directory is that you will have to slightly lower the security of your home directory. Go to /home (cd /home/yourlogin) and type chmod +x yourlogin. The WWW server needs execute permission on to read the .htpasswd file.