To restrict access from web browsers, set up the following files depending on the type of access control you would like.

Enabling Access Control

.htaccess (required)
Provides directory with access control. Any web directory (which must be at or below the WWW directory level) that you would like to control access to must have this file. To protect all your web pages, put .htaccess in your WWW directory. Subdirectories of a directory with an .htaccess file will be under its control, unless they have their own .htaccess file.

.htpasswd (optional)
Necessary if you are using the “Basic” authentication method. Each line of this file contains a username and encrypted password.

.htgroup (optional)
Allows you to assign sets of users to named groups.

Password Access Control Methods

Encrypted Connections

Encrypted connections help to protect information in transit over the internet. While they do not help you control who can access your web pages, Secure Sockets Layer (SSL) can be used to make passwords and other information more difficult to hack.