PDA

View Full Version : Locking Folders: Website



~~~~~ s y ~~~~~
11-12-2003, 04:45 PM
Hi,

I've got a website but have some things on there which I would like as 'for private eyes only' thus, I would like to know how you can password lock a folder, or files (beside MS office, i know that)?

Many thanks once again,

somebody
11-12-2003, 04:57 PM
You could use a .htaccess and .htpasswd file to protect folders on the webserver. There are lots of very useful websites (do a google search) which will show you how to do it.

~~~~~ s y ~~~~~
11-12-2003, 04:59 PM
Thanks for the quick reply,

I will do a search and have a look. Cheers ;-)

Murray P
11-12-2003, 05:01 PM
My web-hoste's sever has secure areas that can be/are password protected, what does your hoste say?

Cheers Murray P

~~~~~ s y ~~~~~
11-12-2003, 05:58 PM
I am using Orcon's FreeHost... it's all i can afford :(

stu140103
11-12-2003, 06:43 PM
> I am using Orcon's FreeHost... it's all i can afford
> :(

Let me have a play & see if I can get the. htaccess working on orcon free host, give me an hour or so, & I will post back here how I get one.....

stu140103
11-12-2003, 09:46 PM
> > I am using Orcon's FreeHost... it's all i can
> afford
> > :(
>
> Let me have a play & see if I can get the. htaccess
> working on orcon free host, give me an hour or so, &
> I will post back here how I get one.....

I have had a play around, unless I did it wrong, I donít think you can do.htaccess on the orcon free host, what I suggest you do is e-mail orcon & ask them, or if you what a password enter page do a search of Pf1 for them, there has been a few thread about them.

Mzee
12-12-2003, 01:51 AM
The answer is here:-

www.dlib.vt.edu/projects/MarianJava/edu/ vt/marian/WebGate/package-tree.html

Mzee
12-12-2003, 02:08 AM
Another one.


http://javaboutique.internet.com/password_protect/WebGate.zip

Kame
12-12-2003, 01:37 PM
The problem is how secure do you want it, The methods you've been offered are foolproof but if someone wants to get in then they can as HTML, Java, JavaScript, Flash can easily be bypassed.

Serverside is the best type of protection you could do, not clientside.

If just foolproofing is enough then HTML Validation, Javascript Protection, Flash Login, Java Login etc are probably what you are searching for, basically you need to log in to access those pages, and make sure that in every folder you have an index page that redirects to the login page, your login script should redirect to another page, not index or you'll just get to the login :P, the only way they can bypass it is by getting the password, knowing the actual files in the directory needed and other possibilities.

Which one would be best to use? HTML Validation reasonably good but it's basic authentification so brute force will work against it, JavaScript = no way, Flash... well a bit tricky, would fool most people without a clue and Java is similar to flash.

If htaccess worked then that would be good as it's serverside.