Using .htaccess to protect PHP scripts?

hkisgood

I am a new PHP programming and I am trying to use .htaccess to protect a directory that contain some .php files. I modified the .htaccess in the directory I want to protect. But then I can only protect files with extensions like .html, .htm, .asc, .abc from being viewed from unauthorized users. The files with .php as extensions are not protected. Any one knows how to solve the problem?

Here is the content of my .htaccess
AuthUserFile /usr/jasonchan/public_html/php/admin/.htpasswd
AuthName "The Secret Admin Page"
AuthType Basic

<Limit GET PUT POST>
require valid-user
</Limit>

hand

AuthUserFile /usr/jasonchan/public_html/php/admin/.htpasswd 
AuthName "The Secret Admin Page" 
AuthType Basic 
require valid-user

dannys

OT but, wouldn't it be more sensible to store your .htpasswd above the webroot (which I'm assuming is public_html)

i.e.
AuthUserFile /usr/jasonchan/.htpasswd

That way you can be sure no-one, from the web side, will have access to your password file through the web.