Apache references the .htaccess file in web document directories for access control information and other uses. A simple configuration allows password protection with multiple username/password combinations.
In the directory to be protected, create a .htaccess file with contents like this:
AuthType Basic
AuthUserFile /safe/dir/htpasswd
AuthName "Text displayed in popup"
require valid-user
There are many other options for .htaccess, but these are basic password related options to get started. The AuthUserFile refers to a fully qualified file that should not be in the web server document directories. The htpasswd file can be named anything, there can be multiple files storing passwords for .htaccess, and each can be shared for use in multiple directories.
To create the first and second user/password pairs, use:
htpasswd -cb /safe/dir/htpasswd user1 password1
htpasswd -b /safe/dir/htpasswd user2 PaSsWoRd2
Additional user/password pairs can be added using the second form. Be certain to protect the htpasswd file.
