@scragarNov 01.2007 — #.htaccess is about the only way to secure a directory.
if the directory is not directly accessable from the browser(eg web files in /home/www/ and your files in /home/xyz/) then a server side language can provide access in a variaty of ways allowing easy restriction, this is however much slower than htaccess.