Ok ... I am using this code for authentication

<?php

// Username and Password for authorization

$username = 'somename';
$password = 'somepassword';

if(!isset($_SERVER['PHP_AUTH_USER']) ¦¦ !isset($_SERVER['PHP_AUTH_PW']) ¦¦ ($_SERVER['PHP_AUTH_USER'] != $username) ¦¦ ($_SERVER['PHP_AUTH_PW'] != $password)) {
// The username and password are incorrect and so send the authentication headers

header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate:Basic realm ="My website"');
exit('<div align="center"><h2> My website </h2> You must enter valid username and password to access this page.');

}

?>

My guess is you're going from an Apache handler version of PHP on localhost, to an implementation of fastCGI on your live host that doesn't handle the PHP_AUTH_* variables the same.

I'm not sure how to fix it, but perhaps that will get you going in the right direction.

yes yes .... you are right. I was using XAMPP to test the site offline.
I dont have much knowledge of fastCGI , or even CGI for that matter

Any pointers?

right after the authorization headers dump the $_SERVER var and check the parameters it may help.

Although to avoid this kind of problem you could always setup the pw protection from your host's cpanel as this will protect the sub-folders too while the one you posted operates with the application script(s) only.