In your httpd.conf, look for an "AllowOverride" setting within the directory container. It might look something like this:
Code:
<Directory "/var/www/htdocs">
...
AllowOverride None
...
</Directory>
You'll need to change "None" to "AuthConfig", e.g.:
Code:
<Directory "/var/www/htdocs">
...
AllowOverride AuthConfig
...
</Directory>
The "AllowOverride" setting specifies which things are allowed, in .htaccess files, to override the settings in httpd.conf. There are various possible options. But you must include "AuthConfig", or set AllowOverride to "All", to enable password-protecting directories via .htaccess.
Remember to re-start Apache after editing httpd.conf.