.htpasswd Generation & Policy
From Metro Studios Knowledgebase
On most of our servers we have at least one Apache .htaccess/.htpasswd setup for basic user validation. We use this for anything ranging from simple client authentication to locking down web server administration portals - most commonly on the slices.
First step is to add (or append) the .htaccess document within the root of the directory you wish to password protect. It will look similar to the following:
AuthUserFile /var/www/vhosts/dev1.metro-studios.com/private/.htpasswd AuthGroupFile /dev/null AuthName "Metro Development" AuthType Basic require valid-user
The second step is to run the htpasswd command within the directory specified with the "AuthUserFile" configuration option. If a .htpasswd file does not exist use the -c flag to create it.