Welcome to WebmasterWorld Guest from 54.211.86.24

Forum Moderators: brotherhood of lan & mack

How many passwords?

   
11:57 pm on Aug 15, 2002 (gmt 0)

10+ Year Member



My website's host uses Hsphere. Its control panel allows me to password-protect individual files and directories within my website.

Access to upload or modify my website presently is protected by a single password. Using that PW gives me access to the whole shebang.

My question is this: Under what conditions would it be desirable to protect directories WITHIN my website?

Shaloha,
Bellgamin

11:59 pm on Aug 15, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You would want to protect directories that you only want certain people to access. Many times subcription newsletters will password protect their monthly newsletter and send out a password to their subscribers. Content you only want friends or family to see may be another or if you are developing an intranet on a corporate site could be another. There are many reasons for doing this....you name it.
12:05 am on Aug 16, 2002 (gmt 0)

WebmasterWorld Administrator brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



protecting an interface to a database is a way i use one....
12:12 am on Aug 16, 2002 (gmt 0)

10+ Year Member



Many thanks, James. The marvelous thing [to me] is that I actually understand what you told me. I asked my web host the same question & here is his reply...

"It is for password protecting areas of your site with basic HTTP authentication."

Was the fact that I didn't understand the above primarily due to my noob status [probable] or was they guy trying to dazzle me with foot work?

Oh... and WHAT is "HTTP authentication?"

Aloha from Hawaii,
Bellgamin

7:36 am on Aug 16, 2002 (gmt 0)

10+ Year Member


It's the standard way of password-protecting directories.

HTTP stands for HyperText Transfer Protocol. It's one way browsers and servers communicate, and is used for websites: this is why, if you look at your address bar, it begins with http://...

Basically, the client (i.e. your browser) sends a request to the server for a particular file. An HTTP request typically looks like this:
[code]
GET /index.html HTTP/1.0
Referer: http://mysite.com/sitemap.html
Connection: Keep-Alive
(etc etc etc...)
[/code]

The server then sends an HTTP response which begins with a code telling the browser whether the request was successful and what action to take next. Common responses include:

200 OK (meaning: the request was successful, and here is the page)
404 Not Found (the dreaded "File not found" page)
410 Gone (the page has been permanently removed)
500 Internal Server Error (usually there is an error in a server-side script)

The code that interests us here is:

401 Authorization Required

When the client receives a 401 response, it will prompt the user (you) to enter a user name and a password. This is then sent back to the server, which checks to see if everything is OK and that you do indeed have access to that directory. If all is well, it sends the page with a 200 OK code. Otherwise it sends back an error code and refuses to deliver the page.

HTTP is not the only protocol on the Internet, by the way. There is HTTPS, used for secure transactions (you usually use this when sending credit card details, for example), FTP for uploading files onto the server (can be done with HTTP, but not efficiently), WAP for, well, WAP sites, News for newsgroups and some other rarely-used protocols such as Gopher.

 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month