bahattab
05-12-2009, 08:40 PM
Setting up password protection
The best way to secure content on your website is to use .htaccess/.htpasswd protection. This will password protect any directory and all directories below. You will need to create a .htaccess file which you put in the directory you want to protect.
You will also need to create a .htpasswd file which you will put out of reach (see tip on Securing Your Package). The .htaccess file should contain the following:
AuthUserFile /full_unix_path_to_your_file/.htpasswd
AuthName "Any Name You Want"
AuthType Basic
require user username
Where username is the name of the user specified in the .htpasswd file.
You can also make that last line
require valid-user
to accept any user specified in the .htpasswd file.http://www.atyafonline.com/vb/imgcache/4419.pnghttp://www.youtube.com/favicon.icohttp://www.google.com/favicon.ico
You can also limit the password protection. For example put the .htaccess code inside these tags
<files file.ext>
htaccess protection code goes here
</files>
to limit the password protection to just the file "file.ext".
The .htpasswd file should genrally be put at your ftp root (above the public directory). It is in the form:
user:encrypted password
The best way to create these files is using notepad (for example create htaccess.txt in notepad), then upload, then rename on the server (.htaccess). You can encrypt the password using the form in B&T's Tool Box (on this page) or use your own script (also available on this page). More information can be found on this technique in the Apache documentation here (http://httpd.apache.org/docs-2.0/howto/auth.html).
http://tips-scripts.com/protect
The best way to secure content on your website is to use .htaccess/.htpasswd protection. This will password protect any directory and all directories below. You will need to create a .htaccess file which you put in the directory you want to protect.
You will also need to create a .htpasswd file which you will put out of reach (see tip on Securing Your Package). The .htaccess file should contain the following:
AuthUserFile /full_unix_path_to_your_file/.htpasswd
AuthName "Any Name You Want"
AuthType Basic
require user username
Where username is the name of the user specified in the .htpasswd file.
You can also make that last line
require valid-user
to accept any user specified in the .htpasswd file.http://www.atyafonline.com/vb/imgcache/4419.pnghttp://www.youtube.com/favicon.icohttp://www.google.com/favicon.ico
You can also limit the password protection. For example put the .htaccess code inside these tags
<files file.ext>
htaccess protection code goes here
</files>
to limit the password protection to just the file "file.ext".
The .htpasswd file should genrally be put at your ftp root (above the public directory). It is in the form:
user:encrypted password
The best way to create these files is using notepad (for example create htaccess.txt in notepad), then upload, then rename on the server (.htaccess). You can encrypt the password using the form in B&T's Tool Box (on this page) or use your own script (also available on this page). More information can be found on this technique in the Apache documentation here (http://httpd.apache.org/docs-2.0/howto/auth.html).
http://tips-scripts.com/protect