Authentication is any process by which one can verify that someone is who they claim they are.
Authorization is any process by which someone is allowed to be where they want to go, or to have information that they want to have.
To configure the server to request a password and tell the server which users are allowed access. One can do this either by editing the httpd.conf file or using an .htaccess file.
For example, if you wish to protect the directory /path/to/your/directory, you can use the following directives,
- keep .htaccess file in the directory `/path/to/your/directory`
OR
- use directory section in server's config file by
Directory /path/to/your/directory
#your settings
Directory
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /path/to/your/directory
Require user gayab
Check how to use apache's htpasswd utility