.htaccess in public and adding password protection

AFM wrote:

While my site is in development I wish to add basic password
protection. At the moment my .htaccess looks like this:

AuthName "Restricted Area" AuthType Basic AuthUserFile /home/httpd/mydomain.co.uk/.htpasswd

Where is this file? Apache seems to refuse to use password files that
are in a directory that it is serving content from.

Cheers, Bob