How to password protect an entire website but allow public access to 1 specific file

Question

I've created an e-commerce site that uses paypal to accept payment. I am in the testing phase so I have password protected the entire site using htaccess. The trouble is that I am using IPN to verify PayPal payments and therefor my IPN script needs to be publicly accessible so that PayPal can communicate with it.

Is there a way to password protect the entire website except allow public access to 1 script file? (my ipn script file)

I'm using PHP and here is my .htaccess that I'm using to password protect the entire site:

AuthName "Site Administratrion"
AuthUserFile /dir/.htpasswd
AuthGroupFile /dev/null

AuthName secure
AuthType Basic
require user username1
order allow,deny
allow from all

Answer 1

Put the IPN script in a subdirectory with its own .htaccess that explicitly disables HTTP authentication for the contents of that folder?