I have a site setup in Plesk and the site has several additional domains setup via Host Headers in IIS. We set it up this way so that there would not be an additional 10 sites setup in Plesk when all the domains do is point to the main website. however, now when we add directory protection to the main site - it does not work when the other domains are used to browse to the site. Any work arounds? In Plesk 7, how is the authentication enforced when a Protected Directory is added? Can the additonal host header domains be added to a list or somthing - maybe an .htaccess - like file?