I'm used to doing basic password protection for Apache w/ the following method in Apache config files:
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /path/to/.htpasswd
Require valid-user
However, I've been asked to put some protection on a subdirectory of a site running ColdFusion on top of IIS6, and I'm unfamiliar with how to do this. How is this done? What should I look out for? I just need to password protect an administrative subdirectory, so I don't need a full user login system - just something that limits who can access the section of the site.