Yes we need to avoid stage data to go to google search engine that is one of the requirement.
Now what I did as per the link above
authentication.conf file has below content
## unsets authorization header when sending a request to AEM
RequestHeader unset Authorization
AuthType Basic
AuthBasicProvider file
AuthUserFile /home/test-project/dispatcher/conf.d/htaccess/credential.htpasswd
AuthName "Authentication Required"
Require valid-user
And this file is included in v host file without any conditions.
<IfModule disp_apache2.c>
Include /home/test-project/dispatcher/conf.d/htaccess/authentication.conf
# Some items cache with the wrong mime type
# Use this option to use the name to auto-detect mime types when cached improperly
ModMimeUsePathInfo On
# Use this option to avoid cache poisioning
# Sling will return /content/image.jpg as well as /content/image.jpg/ but apache can't search /content/image.jpg/ as a file
# Apache will treat that like a directory. This assures the last slash is never stored in cache
DirectorySlash Off
# Enable the dispatcher file handler for apache to fetch files from AEM
SetHandler dispatcher-handler
</IfModule>
Still site is opening without credential popup.