.htaccess in public and adding password protection

AFM wrote:

While my site is in development I wish to add basic password
protection.
At the moment my .htaccess looks like this:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/httpd/mydomain.co.uk/.htpasswd

Where is this file? Apache seems to refuse to use password files that
are in a directory that it is serving content from.

Cheers,
Bob