The best way to secure content on your website is to use .htaccess/.htpasswd protection. This will password protect any directory and all directories below. You will need to create a .htaccess file which you put in the directory you want to protect. You will also need to create a .htpasswd file which you will put out of reach (see tip on Securing Your Package). The .htaccess file should contain the following:
AuthName "Any Name You Want"
require user username
Where username is the name of the user specified in the .htpasswd file.
You can also make that last line
to accept any user specified in the .htpasswd file.
You can also limit the password protection. For example put the .htaccess code inside these tags
htaccess protection code goes here
to limit the password protection to just the file "file.ext".
The .htpasswd file should genrally be put at your ftp root (above the public directory). It is in the form:
The best way to create these files is using notepad (for example create htaccess.txt in notepad), then upload, then rename on the server (.htaccess).