I wrote another blog article on how to look at other websites’ data via unsecured webalizer output. Don’t be one of the sites that gets compromised. There is just too much valuable data in those files. I still can’t believe that admins are stupid enough not to lock that down. Lazy? Perhaps. Here’s how to lock it down.
I am making some basic assumptions here: that you have the proper access, are using a Linux host, and are running Apache. Is there really any other way?
How to configure .htaccess
To password-protect a webalizer page…
Create a file /var/www/webalizer/.htaccess in that directory that looks something like this:
AuthName "Add your login message here."
AuthType Basic
AuthUserFile /var/www/webalizer/.htpasswd
AuthGroupFile /dev/null
require user yourusername
Then run this command to create the .htpasswd file that the .htaccess points to:
root@blaster:/etc# cd /var/www/webalizer
root@blaster:/var/www/webalizer# vi .htpasswd
root@blaster:/var/www/webalizer# htpasswd -c .htpasswd yourusername
New password: *****
Re-type new password: *****
Adding password for user yourusername
Now edit the /etc/apache2/httpd.conf file and put this in:
root@blaster:/etc/apache2# cat httpd.conf
<Directory /var/www/webalizer>
AllowOverride AuthConfig
AuthName "For Authorized Users Only, So Beat It!"
AuthType Basic
AuthUserFile /var/www/webalizer/.htpasswd
AuthGroupFile /dev/null
require user yourusername
</Directory>
root@blaster:/var/www# /etc/init.d/apache2 restart
* Restarting web server apache2
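To check the result, here is an added example (not part of the original post) that audits a directory protected with the .htaccess/.htpasswd pair above: it looks for the directives used here, confirms the `require user` name has an entry in the password file, and reports entries that are not in htpasswd's apr1 or bcrypt format. The function names, sample directory and hash strings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: audit a directory protected with
# the .htaccess/.htpasswd pair above. Exit status 0 means no findings.
audit_htaccess() {
    dir=$1; findings=0
    note() { echo "FINDING: $*"; findings=$((findings + 1)); }
    ht="$dir/.htaccess"
    [ -f "$ht" ] || { note "$ht is missing"; return 1; }
    grep -Eiq '^[[:space:]]*AuthType[[:space:]]+Basic' "$ht" || note "no AuthType Basic"
    # Curly quotes pasted from a web page are not quote characters to Apache.
    if grep -q -e '“' -e '”' "$ht"; then note "curly quotes in $ht"; fi
    pw=$(awk 'tolower($1) == "authuserfile" { gsub(/"/, "", $2); print $2; exit }' "$ht")
    user=$(awk 'tolower($1) == "require" && tolower($2) == "user" { print $3; exit }' "$ht")
    [ -n "$user" ] || note "no 'require user' line"
    if [ -z "$pw" ]; then note "no AuthUserFile"
    elif [ ! -f "$pw" ]; then note "password file $pw not found"
    else
        # Apache's stock configuration typically refuses to serve only files named .ht*
        case "$pw" in
            "$dir"/.ht*) ;;
            "$dir"/*) note "$pw is inside the web tree without a .ht name" ;;
        esac
        if [ -n "$(find "$pw" -perm -0002)" ]; then note "$pw is world-writable"; fi
        if [ -n "$user" ] && ! grep -q "^$user:" "$pw"; then
            note "required user '$user' has no entry in $pw"
        fi
        # Report entries that are not in htpasswd's apr1 (MD5) or bcrypt format.
        for u in $(awk -F: 'NF >= 2 && $2 !~ /^\$(apr1|2y)\$/ { print $1 }' "$pw"); do
            note "entry '$u' is not an apr1 or bcrypt hash"
        done
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample data: the hash strings are placeholders, not real hashes.
make_sample() {   # usage: make_sample DIR HASHFIELD
    printf 'AuthName "Stats"\nAuthType Basic\nAuthUserFile %s/.htpasswd\nrequire user yourusername\n' "$1" > "$1/.htaccess"
    printf 'yourusername:%s\n' "$2" > "$1/.htpasswd"
    chmod 644 "$1/.htaccess" "$1/.htpasswd"
}

demo=$(mktemp -d)
make_sample "$demo" '{SHA}constructedPlaceholder='
audit_htaccess "$demo" || echo "audit reported findings"
rm -rf "$demo"
```

On a real host, call `audit_htaccess /var/www/webalizer` as a user that can read both files.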