To protect directories, .htaccess files is the way to go. For example, if
you want to protect a directory called "test" inside of your web
directory, create a .htaccess file in that directory with something like
the following in it:
AuthName "restricted directory"
AuthType Basic
AuthUserFile /home/username/.passwd
require valid-user
Replace "username" with your login name. For example, if your login name
is francis, use /home/francis/.passwd. Then, from the telnet shell, create
a /home/francis/.passwd file using the htpasswd program:
htpasswd -c /home/francis/.passwd username
where username corresponds to the name of the user you want to give access
to. This allows you to create the password file and add a user to it. For
subsequent users, use:
htpasswd /home/francisc/.passwd username
For more detail on this entire process, see:
http://www.apacheweek.com/features/userauth