Nothing like someone telling me they can do what I cannot to make me dig some more
It appears that it does work but the new .htpasswd file that’s created or moved outside of the web accessible space needs permissions of 444, not 440 as originally created by the DH web panel. Just curious why this is.
The 440 permissions work fine if the .htpasswd is in the same directory as the .htaccess file (is that the right conclusion??). At least it works fine when I go through the web panel.
And my conclusion about the group name needing to come from DH was not correct.
Thanks for your reply.