In IIS7 password protection is achieved by removing anonymous user
access to a directory.
The password protection method in this article uses the
IIS 7 Manager. The IIS 7 Manager is a
program that is installed on your computer and is used to do some
maintenance and configuration tasks in IIS 7. We recommended the IIS 7
Manager for use by experienced developers only.
- Connect to your site
- Navigate to the directory you want to password protect in the left pane
- Double click Authorization Rules in the right pane
- Click Add Deny Rule
- In the pop up dialogue box, select All anonymous users
- Click OK
- Note that this action will add some entries into your web.config file