This is what I have done thus far. I am still ending up empty. Without my login protection. I am trying to protect a configuration tool. It is located in my modify folder

I created two files.

htaccess.txt
AuthName "Webmaster Login"
AuthType Basic
AuthUserFile /var/www/dopey/cart/items/modify/.htpasswd
require valid-user

htpasswd.txt
dopeydadwarf:jbdxOuS0bcmRA
( no i didn't use my password in this example )

after upload I changed them to .htaccess/.htpasswd respectivly.

I placed .htaccess into the modify dir.
I placed .htpasswd into the cart dir. I guessed on this one...where exactly should it go? Should it go deeper into the dir's

I found root via <?php echo $DOCUMENT_ROOT ?>
then the dir's are up from there.

password via http://tools.blueyonder.co.uk/

Any help would be greatly appreciated. Any help on common pitfalls is also appreciated.

P.S. I am learning php and administrating a site hosted on a *nix based server.