Apache allows you to protect contents of specific directories in your website or the whole website from unauthorized access using a mechanism called httpd password protection. During development of new sites the partially built sites are protected from unauthorized access using httpd authentication. This could sometimes interfere with testing of integration with third party services that might expect some of your URLs to be accessible without authentication. Here is how you can exclude a given file or directory from httpd authentication
Password-protecting drupal development site with .htaccess file
There might be few scenarios when we need to protect our site from the general public and make it accessible to a selected group of users. One of the most common scenarios in the development workflow of a Drupal site is when you want to avoid your half-complete drupal site showing up in Google search results.For such needs, it is advisable to go for password-protecting the site using HTTP authentication.
If you have cPanel installed on your hosting server, you can use the ‘Password Protect Directories’ option from the ‘Security’ section on the cPanel home page. Click here to read on How to enable HTTP Authentication using cPanel (link to an article for the same on our site)
For those without cPanel, here’s how to get Apache work your way: