Archive for Downsizer For an ethical approach to consumption
 


       Downsizer Forum Index -> IT Matters
Leonie

Website passwords

I want to upload some photos onto my website which I would prefer to password protect, they're family pictures that include my children and don't want unwanted guests browsing them. Some parts of my website I'd like to keep password free but other parts, e.g. the photos, I'd like to have in a folder that cannot be viewed unless the person has the correct password.

How do I password protect certain folders, I use Dreamweaver 4 for publishing the website. Can anyone help?
jema

http://www.javascriptkit.com/howto/htaccess3.shtml
Leonie

Thanks Jema, but I can't view the page, could be me as my wireless plays up sometimes, will reboot quickly and see if it makes a difference. Smile
Leonie

Sorry jema, still can't see the page, tells me it's unavailable. Confused
jema

google "htaccess password protection". There are a lot of links. The insructions are a bit too complex to easily give here.
Leonie

Thanks jema, I've found lots of information. Just a quick question though, how do I create the .htpasswd file? I created a .htpasswd file in Dreamweaver but it won't allow me to open it using Dreamweaver, says it can't find a valid editor for the file extension. When I created a .htpasswd file in Notepad it puts a .txt at the end of the file name so reads .htpasswd.txt, that's not right is it?
mrutty

Worth noting that you must be able to post above the http server for this to be secure (ish). If you post the code within the http service it will be possible to to find the username and password and reverse engineer it. Still it will stop the normal user from coming by.

Jema will have to corrct me here but if you're running your own server and have root access you can set the access within UNIX with world/group/user and the webserver will challenge anyone accessing the folder (I know it works on VMS and I'm sure we ported it to UNIX when I was doing some web work).

I really must get my Fedora machine back online this month scratch
jema

mrutty wrote:
Worth noting that you must be able to post above the http server for this to be secure (ish). If you post the code within the http service it will be possible to to find the username and password and reverse engineer it. Still it will stop the normal user from coming by.

Jema will have to corrct me here but if you're running your own server and have root access you can set the access within UNIX with world/group/user and the webserver will challenge anyone accessing the folder (I know it works on VMS and I'm sure we ported it to UNIX when I was doing some web work).

I really must get my Fedora machine back online this month scratch


I think this would be an apache module that would have to be enabled. Pretty sure that is not default behavior.

In notepad if you save with the filter set to all files, then it will not and the ".txt" extension.
Leonie

mrutty I have no idea what that all meant! Embarassed Laughing

I don't run my own server, the web pages I'm trying to protect are contained on the website that is supplied by my ISP.

I do have other websites but again they are hosted by a 3rd party, not my ISP.

How easy is it for someone to reverse engineer it? I'm trying to protect from people know a fair bit about IT but are not necessarily professional hackers if that helps.
Leonie

Thanks jema, will go try that now. Very Happy
mrutty

This is why I never come on this forum. I'd just like to say you're both GITS!!!! Evil or Very Mad After driving 6 hours today (damn that bridge) I'm typing code to see if I can get it to work on my site. Even worse because I'm this tired I can only remember the password to my main site so am testing live Shocked Wink Laughing Laughing Laughing
Leonie

please don't mrutty, it doesn't have to be done today! Very Happy
mrutty

Ha it's OK I've beaten Jema, my kungfu is stronger Laughing Cool Cool

The UsersDir directive can be used to explicitily allow or deny url tp path name translation. I thought I'd migrated my VMS stuff some how Cool

Good to know I'm not going totally mad and thank God for man pages Laughing

Just need to get this Java to work now
Leonie

I've been trying to follow the instructions on those websites, done everything as it says and I can't get it to prompt me for password when I open the url, grrrrr! Rolling Eyes
Leonie

Update...I've got as far as being prompted for my username and password when I try to access the live web files so the .htaccess file is working, yippee! But when I put in the username and password it doesn't accept it. I've been to the encryption site here http://www.htmlite.com/HTA006a.php and put in a username and password, the encrypted code it gives me each time is different, even although the username and password I'm supplying is the same each time. Is that right? Am I misunderstanding something here, I thought I input the details, get the code and paste it into the .htpasswd file.
mrutty

Now I know who you really on I don't think I'll try any more tonight Laughing Laughing Laughing
       Downsizer Forum Index -> IT Matters
Page 1 of 1
Home Home Home Home Home