Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: mack
Access to upload or modify my website presently is protected by a single password. Using that PW gives me access to the whole shebang.
My question is this: Under what conditions would it be desirable to protect directories WITHIN my website?
"It is for password protecting areas of your site with basic HTTP authentication."
Was the fact that I didn't understand the above primarily due to my noob status [probable] or was they guy trying to dazzle me with foot work?
Oh... and WHAT is "HTTP authentication?"
Aloha from Hawaii,
HTTP stands for HyperText Transfer Protocol. It's one way browsers and servers communicate, and is used for websites: this is why, if you look at your address bar, it begins with http://...
Basically, the client (i.e. your browser) sends a request to the server for a particular file. An HTTP request typically looks like this:
GET /index.html HTTP/1.0
(etc etc etc...)
The server then sends an HTTP response which begins with a code telling the browser whether the request was successful and what action to take next. Common responses include:
200 OK (meaning: the request was successful, and here is the page)
404 Not Found (the dreaded "File not found" page)
410 Gone (the page has been permanently removed)
500 Internal Server Error (usually there is an error in a server-side script)
The code that interests us here is:
401 Authorization Required
When the client receives a 401 response, it will prompt the user (you) to enter a user name and a password. This is then sent back to the server, which checks to see if everything is OK and that you do indeed have access to that directory. If all is well, it sends the page with a 200 OK code. Otherwise it sends back an error code and refuses to deliver the page.
HTTP is not the only protocol on the Internet, by the way. There is HTTPS, used for secure transactions (you usually use this when sending credit card details, for example), FTP for uploading files onto the server (can be done with HTTP, but not efficiently), WAP for, well, WAP sites, News for newsgroups and some other rarely-used protocols such as Gopher.