This can be done using an .htaccess file. However, before continuing, we need to clarify a couple of points about .htaccess files. Firstly, they are specific files for the web server, they do not appear in the directory tree when an internet user accesses a visible directory (one which has no index file and therefore shows a full listing of all the files in that directory). Secondly you should note that the settings specified for a .htaccess file apply not only to the directory that the file is in, but also to all its subdirectories.

What to do

.

Create the password file

Firstly, you have to create the file which will contain the list of usernames and passwords which are allowed to access the site. Usually, you create a .htpasswd file for this which will then be used by the .htaccess file. It is a simple text file, which contains usernames and their encrypted passwords.

There is a page on our website where you can encrypt passwords:

https://www.ovh.co.uk/support/tools/crypt_password.pl
Please note:
In Windows, you cannot directly create a file named .htaccess or .htpasswd. You must give it another name, transfer it to your web space and then rename it .htaccess or .htpasswd using your FTP client.

After filling in the first two fields (the key is made up of two characters chosen by you), click "Encrypting the password" and you will see the encrypted form of the password in the field "Encrypted Word". Copy this password in the .htpasswd file (see below). The .htpasswd should not necessarily be in the same location as the .htaccess file. For example, you could place it in the webroot, and use it to protect different website directories, given that a single .htpasswd file can be used by several .htaccess files. The .htpasswd file must contain one line per user specifying the username and password.

These lines are as follows:

username:encrypted_password

Example for username: "Admin"
and password: "ovh1234"
this will give the following: Admin:gl0IiOirI2n6M

Once the .htpasswd password has been created, you just have to place it where you have chosen, and go to the next step: creating .htaccess files.
Important:
Remember to add a carriage return after the encrypted password.
.

Create the .htaccess file

To block access to an entire directory, create a .htaccess text file as follows and place it in to the directory you want to password protect.

IMPORTANT, In the following example, you have to replace your_ftp_username with your FTP username, you will find this in your control panel.

AuthUserFile /home/your_ftp_username/www/.htpasswd
AuthGroupFile /dev/null
AuthName "Restricted access"
AuthType Basic
require valid-user

In the example above, your .htpasswd file is located in the /www folder on your web server.
For previous products
For the Start and 1000GP solutions, the path you need to place in the authuserfile is different.
You will have got it in the activation email. If not, or if you have lost this email, you can use the following PHP script:
<?php
echo realpath("path.php");
?>
.

Block access to one or more specific files

To block access to one or more specific files, you just have to add the tags (one FILES tag per file):

<Files test.php>

AuthUserFile /home/your_ftp_login/www/.htpasswd
AuthGroupFile /dev/null
AuthName "Restricted access"
AuthType basic
require valid-user

</Files>

The .htaccess file

More about the .htaccess file can be found at the following link