htaccess vs password protected directories

I have to add a password protected zone to a site I am working on (using the .htpasswd file). The thing is the whole directory structure it's being pointed at doesn't exist and is created through mod_rewrite.

Will it still work, or does the directory actually have to physically exist on the server?

Clarificat开发者_开发百科ion: While I may need to password protect the directory: http://sitename/category/protected/

mod_rewrite translates this to: index.php?category=category&directory=protected

So the actual directory does not exist. Is it still protectable?

You can add the access rules to the apache config file (httpd.conf or similar) in a Directory or Location tag instead of adding it in the .htaccess file.

Your rewrite rules will ultimately point to some files in a directory on your system (unless they redirect users to some external location). The authentication setup should be on the underlying directory that will be accessed.