Add the following lines to your /etc/apache2/http.conf file

# Set up .htaccess security so that I can protect the site online.
<Location "/">
    AuthType Basic
    AuthName "Under Construction"
    AuthUserFile /opt/graphite/sec/.mypasswds
    AuthGroupFile /opt/graphite/sec/.mygroups
    Require group managers
</Location>

Next, let’s create your AuthUserFile and your AuthGroupFile:

/opt/graphite is the root directory for apache, www-data the apache user and group

$ cd /opt/graphite
$ sudo mkdir sec
$ sudo chown -R www-data:www-data ./sec
$ sudo htpasswd -c ./sec/.mypasswds some_user_name
(enter a strong password)
$ echo 'managers: tom' | sudo tee -a ./sec/.mygroups
$ sudo chmod -R 600 ./sec
$ sudo /etc/init.d/apache reload