Create a htpasswd file inside your website directory you wish to protect (xxx.com/htpasswd)
Password must be encoded by the crypt(3) function if Apache is not installed
I suggest you to use this tools to generate it http://www.tools.dynamicdrive.com/password/
Config your nginx vhost conf file
location / {
auth_basic "Restricted Area";
auth_basic_user_file /home/wwwroot/xxx.com/htpasswd; }
Restart your nginx service, Done !!
