Most websites are to be shown to the public however its possible there maybe some links from the main website which you may wish to secure such as: https://mysuperweb.co.uk/secureStuff. By default the browser will show it as a folder listing or a website if there is an index.php file.
To secure the link we can use htaccess which will prompt a password before the content is showed. We can do this at:
/etc/apache2/sites-available/000-default.conf <Directory "/var/www/html/secureStuff> AuthName "Restricted Access" AuthType Basic AuthUserFile /etc/apache2/.htaccess Require valid-user </Directory> The code will prompt for a username a password defined by the AuthUserFile. The location in which it will ask from will be /var/www/html. This is the default root location for the main website.https://mysuperweb.co.uk = /var/www/html https://mysuperweb.co.uk/secureStuff = /var/www/html/secureStuffFor the password itself it would be made with: sudo htpasswd -c /etc/apache2/.htaccess username