[users@httpd] Is it wise and feasible to write .htaccess file for my application??

[Singh <ap...@rediffmail.com>]

Hi experts...
Well i want to clarify that is it wise and feasible to write .htaccess file for my application which will be live24/7 to thousands of users. I have almost implemented all the things which are suggested to secure apache in the Apachedocs. My envt is RHL 9.0/ Apache2.0 with mod_mono/ Mono 1.0. The users will be accessing some other directories too in the main application directory. e.g if i have placed the application directory "apps" as under /var/www/html/apps, now in this apps directory i have some other directories which the users will be needing to retrieve some data for thier use. Should i check for the authentication at that level too? All I want is that only valid users may have access to that data. Although at the first entry point the .NET applcation asks for the authentication of the valid user but i was still wondering from my, i mean Apache's point of view. I dont know whether this is a valid question or not and i need your help. So from that point of view what do you suggest? What are the "MUST" security options that i need to take care of in Apache/RHL? I would really appreciate if you could guide me step by step...
Thanks in advance
Best Regards