samarudge 16 Posting Whiz

Hi,
I am trying to HTTP Auth protect a directory in my cgi-bin directory. I have a .htaccess file:

AuthUserFile /var/www/cgi-bin/secure/.htpasswd
AuthGroupFile /dev/null
AuthName "uTutorial Console"
AuthType Basic

<Limit GET POST>
require user valid-user
</Limit>

When I put this .htaccess file in an ordinary directory e.g. /var/www/html/site/secure/.htaccess it works fine and asks for the username and password however when I put it in my secure CGI directory (/var/www/cgi-bin/secure/) it doesn't ask for user/pass just shows the script. Is this a common problem or is it something to do with DIR permisions?