I really like the idea behind this. I just can't get it to play nicely. Anytime I get to locking down wp-admin, I can't log back in (get 404 errors). I have to remove the lines from .htaccess in wp-admin to get back in.
My WP install is in the root of my www (html_public) folder... fairly default save for 1 theme and a few plugins (which at this point I've disabled).
AuthType Digest AuthName "Protected By AskApache" AuthDigestDomain / http://mydomain.com/ AuthUserFile /home/mydomain/.htpasswda3 Require valid-user <FilesMatch "\.(ico|pdf|flv|jpg|jpeg|mp3|mpg|mp4|mov|wav|wmv|png|gif|swf|css|js)$"> Allow from All </FilesMatch> <FilesMatch "(async-upload|admin-ajax)\.php$"> <IfModule mod_security.c> SecFilterEngine Off </IfModule> Allow from All </FilesMatch>