If you are on a windows IIS server and you don't have access to the IIS administration, you can setup a FrontPage subweb then remove browse privs from everyone for that subweb. You can do this all from FrontPage. This is how I have been protecting my admin for years. When you go to your admin dir, you should get the pop-up authentication window. You would use whatever user/pass your ISP gave you for your NT account.

If you do have IIS admin access, you would just select the folder in question, go to properties, go to directory security, click on anonymous access and remove the check from anonymous access. Usually you access the IIS admin by apending the assigned port number onto your domain, i.e. http://me.com:1234/