You can secure any file using this script.
It will not allow you to access without username and password.
1st step is to create .htaccess file in a folder which you want to protected.
2nd step is add index.php as shown in example. This will not work as it is but you can modify.
/*******************************************************/
.htaccess file
/********************************************************/
Options -Indexes
RewriteEngine On
RewriteCond $0 !^(favicon\.ico|favicon\.png|media|robots\.txt|crossdomain\.xml|css|js)
RewriteRule .* index.php?file=$0 [QSA,L] # pass everything thru php
