To password-protect a directory using .htaccess files, do the following:
First, you have to use the htpasswd utility to create a new password file (somewhere outside the Apache root directory!). The basic syntax is htpasswd -n passwordfile username. (Type htpasswd for a brief list of options, or the htpasswd manpage for the whole lot).
% htpasswd -c ~/virtualwolf_admin_passwd virtualwolf
You'll be prompted for a password. Then create your .htaccess file in the folder you wish to password-protect, and put the following text into it:
AuthType Basic
AuthUserFile $PATH
AuthName $LOGIN
require valid-user
satisfy All
(Replacing "$PATH" and "$LOGIN" with the path to the password file you created above and the login, respectively). That's it! You'll be prompted for a login and password when you try to access the directory that the .htaccess file is in.
This can also be put in a <Directory> directive in the main httpd.conf file.
This is for servers running Apache only.