There is a new post explaining how to password protect an iWeb site. You can find it here
Here I will explain how I was able to do it and may be you could adapt what is shown here for your own needs. This instructions have been tested to work with Dreamhost, your mileage may vary.
HOW IT’S DONE
Let’s say your page is at path /Home.html, then the content of the first HTML snippet for this page will be at /Home_files/widget1_markup.html. In order to get the PHP engine to look for PHP code inside the widget1_markup.html file, we will use Apache’s directive AddHandler. Create a file named .htaccess and place it in the folder where the widget1_markup.html file resides, in our example, /Home_files. The content of the .htaccess file will be:
AddHandler php5-script .html
That is it. That is the only line that we need to add to the .htaccess file. What this does is to instruct Apache to process all the .html files in the directory by the PHP parser as if the file had the .php extension. We could have placed the .htaccess file at the root level of the website, but that would mean that every single .html file in our site would be processed as .php and that may break some things. By placing the .htaccess in the folder where the widget1_markup.html file resides will guarantee that only that file will be processed as .php.
You can download the required files at the end of the example.