You can password protect directories (folders) via the cPanel control panel, which protects all the files within the password protected folders.
To password protect directory:
- Login into your cPanel and click on the Password Protect Directories icon, found under Security.
- Choose Web Root (and you may need to select Show Hidden Files)
- Click on the name of the directory that you wish to password protect.
- Check the box for "Password protect this directory:"
- Fill in "Name the protected directory". Actually, this is just the message that will show to visitors when they try to login, and can be anything you like.
- Click on Save button below.
- Click "Go Back"
- Fill in a Username and Password at the bottom of the page, and click "Add/modify authorized user".
You are done. The directory you selected is now protected by password.
To ensure your directory has been password protected, launch your browser and view the directory. If the browser prompts you to login, then your folder has been password protected.
500 error after login?
Check the folder ownership on the .htpasswds folder (above public_html). Change them from user.user to user.nobody and ensure the permissions are set to 750 and then refresh your protected page. The error will be gone.