there are lots of ways to secure a website... If u wanna encrypt the connection, use https - if your hoster offers it or if u have your own box and the necessary certificates. If u cannot use it, I think there's some javascript/php solution that sends all passwords encryted using some client-side md5-hashing (called fastlogin, go to http://www.publicator.no/php_net/login/ , login with the credentials given on the page and download the script).
If u want to restrict access to certain directories/pages, search on google for .htaccess-Tutorials or check php's session functions - there is really a lot of information on this page and everywhere else on the net.
Hope that helps
