You’ll find sometime that when you deploy WordPress in order for permalinks to work correctly you need a proper .htaccess file. This .htaccess also affects anything else you place within your web root when WordPress lives.
For instance if you need to password protect a directory within the your webroot where WordPress lives. You’ll find that when you do so, and try to visit that folder in a web browser that a 404 WordPress page will be displayed. To fix this, you simply need to add the following to your main .htaccess file that has your WordPress rules.
ErrorDocument 401 default
This should then allow you to use your password protected directories as you normally would if you didn’t have WordPress installed.
Source: http://www.andrewrollins.com/2008/01/22/wordpress-and-htaccess-password-protected-directories/
More from my site
Pasword Protected Sub Directories Missing on Index Listing with Apache2
Remove iThemes Security Lockouts Script
WordPress Permalink Sub-Directory 404 Error Weirdness
How to Disable the Displet Pop WordPress Plugin on Specific Pages- WordPress SEO plugin by Yoast
CloudFlare Cache Purge Plugin Logs to Posts