Create password protected web directories with apache2

First make sure that .htaccess overrides are enabled in /etc/apache2/sites-enabled/domain.conf

Then create a .htaccess file in the directory you want to protect:

Options +Indexes
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/ocna.htpasswd
Require valid-user

Now create valid users in the file /etc/apache2/ocna.htpasswd:

htpasswd -c /etc/apache2/ocna.htpasswd username

For subsequent users, just use:

htpasswd /etc/apache2/ocna.htpasswd username