How to set up protected web site via user authentication

Example for Windows platform ============================ 1. In httpd.conf, ensure directory to be protected has the following directive eg. <Directory "D:/apache/htdocs"> AllowOverride AuthConfig ... </Directory> 2. Create a user password file (preferably at a location not under the web server's document root. eg. D:\APACHE\BIN\htpasswd -c D:\APACHE\USERS\PASSWD arahman new password: ******* retype new password: ******* 3. Create a .htaccess file at the directory to be password protected eg. D:\apache\htdocs\.htaccess AuthName "Restricted site" AuthType Basic AuthUserFile d:\apache\users\passwd require valid-user 4. Restart the apache web server