Okay, if you open cpanel / Files / Directory Privacy / Select a Folder (or create one earlier, say named 'calendar') Click on it and it will ask you to:
Security Settings
When a user attempts to access the protected directory through a browser, the site will prompt them to enter a username and password. The name that you choose for the protected directory will also display.
Set this up and save.
Now using ftp software upload your page with the calendar in the iframe to this password protected folder.
Now only people who know the username and password will be able to view it.
Hope this helps.
Here's an example:
LINK
Without the username & password access isn't granted.
It may also be advisable to gain a ssl certificate for such pages as browsers are warning more & more on insecurities without these.
Bookmarks