OK , i get the point :)
In web.config
="1.0"="UTF-8"
<configuration>
<system.web>
<customErrors mode="Off">
</customErrors>
== Here is the solution ==
<authentication mode="Forms">
== It's the common way but you can also use HTML (JS) ==
<forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="999999">
<credentials passwordFormat="MD5">
== Login and Password ==
<user name="admin" password="21232F297A57A5A743894A0E4A801FC3" />
</credentials>
</forms>
</authentication>
<authorization>
== Here you set the what kind of group or each user ==
<allow users="?" />
<allow users="*" />
</authorization>
<trace enabled="true" localOnly="false" />
</system.web>
== Location ( the folder is called administration )
<location path="administration">
<system.web>
<authorization>
== Here you set the what kind of group or each user ==
<allow users="admin" />
<deny users="*" />
</authorization>
</system.web>
</location>
</configuration>