password protecting a page

Discussion in 'OT Technology' started by TmoneySJU, Sep 27, 2003.

  1. TmoneySJU

    TmoneySJU New Member

    Joined:
    Sep 17, 2003
    Messages:
    286
    Likes Received:
    0
    Location:
    Philly
    what is involved in password protecting a page in my website? If this is too general a question, let me know
     
  2. picabu

    picabu I like pie

    Joined:
    Oct 4, 2001
    Messages:
    916
    Likes Received:
    0
    Location:
    Houston
    Apache or IIS?

    If apache use a .htaccess file. Google it.

    IIS I never used so no idea.
     
  3. SLED

    SLED build an idiot proof device and someone else will

    Joined:
    Sep 20, 2001
    Messages:
    28,118
    Likes Received:
    0
    Location:
    AZ, like a bauce!
    iis, you would disable anonymous access, and set up NT security, and give specific users access only to the page.
     
  4. aphoric

    aphoric Even if god did exist, it would be necessary to ab

    Joined:
    Aug 29, 2003
    Messages:
    918
    Likes Received:
    0
    Location:
    Leaving Afghanistan
    and furthermore, if you are running Weblogic, it is in the realm admin section
     
  5. VBGOD

    VBGOD Guest

    ASP.NET

    :o ;)
     
  6. Astro

    Astro Code Monkey

    Joined:
    Mar 18, 2000
    Messages:
    2,047
    Likes Received:
    0
    Location:
    Cleveland Ohio
    IIS offers two levels of security. I'm rattling this off the top of my head so you may have some dialog hunting to do. Basically, head into the site manager. Go to the site properties and you want to find the security tab. By default, its set for anonymous access. You want to unclick that. The two levels of security are down below. You have Basic and NT Authentication (I don't remember the exact name of it). If you're STRICTLY working with IE and your web users will be using IE, then go for the NT authentication (this only works with IE browsers though). If you want your site to work with other browsers, then Basic is the way to go. You also need to setup the user with access to the page (disable Everyone and add your user). Then you're good to go.

    For Apache, .htaccess and .htpasswd are the keys. For .htaccess:

    Code:
    AuthUserFile /[PATH TO HTPASSWD FILE]/.htpasswd
    AuthGroupFile /dev/null
    AuthName GENERIC NAME TO DISPLAY IN DIALOG BOX
    AuthType Basic
    
    require user [USER NAME REQUIRED TO SIGN IN]
    
    I'd then go setup your .htpasswd file. Go to the directory you specified as above. Then you'll need to run htpasswd. I don't have the correct syntax off the top of my head, but if you run "man htpasswd" or hit up google, you should be all set.

    The next approach would be a web based level of authentication. This is handy if you want to manage sessions, store the accounts in a database, or you want complete control over the log in process. If not properly implemented with code, you can easily induce security issues.
     
  7. TmoneySJU

    TmoneySJU New Member

    Joined:
    Sep 17, 2003
    Messages:
    286
    Likes Received:
    0
    Location:
    Philly
    thanks for all the replies
     
  8. TmoneySJU

    TmoneySJU New Member

    Joined:
    Sep 17, 2003
    Messages:
    286
    Likes Received:
    0
    Location:
    Philly
    my platform is Unix/Apache....
    where do i place the .htaccess and .htpasswd files? I'm currently using front page, (although beginning to learn about php), do i just upload them up to my website, or does it have to be in a specific spot?
     
  9. Astro

    Astro Code Monkey

    Joined:
    Mar 18, 2000
    Messages:
    2,047
    Likes Received:
    0
    Location:
    Cleveland Ohio
    We haven't gotten you to switch off Frontpage yet? :)

    .htaccess goes in the directory that you want to protect

    .htpasswd its recommended you create it in a non-web accessable directory. By default Apache shouldn't be dishing it out to anyone, but you don't want to chance it. But don't take my word on this. READ SOME DOCUMENTATION...
     
  10. TmoneySJU

    TmoneySJU New Member

    Joined:
    Sep 17, 2003
    Messages:
    286
    Likes Received:
    0
    Location:
    Philly
    i'm reading up on it on google, apparently it's not good to use if you have front page extensions installed. And I'm still waiting for my php for dummies book, haha. The thing I like is being able to see my website in an overall view on front page. What about a program such as dreamweaver?
     
  11. Astro

    Astro Code Monkey

    Joined:
    Mar 18, 2000
    Messages:
    2,047
    Likes Received:
    0
    Location:
    Cleveland Ohio
    THATS why Frontpage is evil. It breaks a lot of things or other things break it. But it just breaks and is a hassle to deal with.

    If you're stuck on the idea of visually seeing your site, DreamWeaver or GoLive are good choices (HomeSite still around? HotDog was another one but more text oriented). If you're completely broke, Mozilla Composer might be an option. Its come along way, but some may say it still has a long way to go. I use Edit+, but basically Notepad on steriods which you probably aren't ready for yet.
     

Share This Page