Welcome to WebmasterWorld Guest from

Forum Moderators: keyplyr & mack

Message Too Old, No Replies

How many passwords?

11:57 pm on Aug 15, 2002 (gmt 0)

New User

10+ Year Member

joined:Feb 16, 2002
votes: 0

My website's host uses Hsphere. Its control panel allows me to password-protect individual files and directories within my website.

Access to upload or modify my website presently is protected by a single password. Using that PW gives me access to the whole shebang.

My question is this: Under what conditions would it be desirable to protect directories WITHIN my website?


11:59 pm on Aug 15, 2002 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 23, 2000
votes: 0

You would want to protect directories that you only want certain people to access. Many times subcription newsletters will password protect their monthly newsletter and send out a password to their subscribers. Content you only want friends or family to see may be another or if you are developing an intranet on a corporate site could be another. There are many reasons for doing this....you name it.
12:05 am on Aug 16, 2002 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 30, 2002
votes: 16

protecting an interface to a database is a way i use one....
12:12 am on Aug 16, 2002 (gmt 0)

New User

10+ Year Member

joined:Feb 16, 2002
votes: 0

Many thanks, James. The marvelous thing [to me] is that I actually understand what you told me. I asked my web host the same question & here is his reply...

"It is for password protecting areas of your site with basic HTTP authentication."

Was the fact that I didn't understand the above primarily due to my noob status [probable] or was they guy trying to dazzle me with foot work?

Oh... and WHAT is "HTTP authentication?"

Aloha from Hawaii,

7:36 am on Aug 16, 2002 (gmt 0)

Preferred Member

10+ Year Member

joined:June 7, 2002
votes: 0

It's the standard way of password-protecting directories.

HTTP stands for HyperText Transfer Protocol. It's one way browsers and servers communicate, and is used for websites: this is why, if you look at your address bar, it begins with http://...

Basically, the client (i.e. your browser) sends a request to the server for a particular file. An HTTP request typically looks like this:
GET /index.html HTTP/1.0
Referer: http://mysite.com/sitemap.html
Connection: Keep-Alive
(etc etc etc...)

The server then sends an HTTP response which begins with a code telling the browser whether the request was successful and what action to take next. Common responses include:

200 OK (meaning: the request was successful, and here is the page)
404 Not Found (the dreaded "File not found" page)
410 Gone (the page has been permanently removed)
500 Internal Server Error (usually there is an error in a server-side script)

The code that interests us here is:

401 Authorization Required

When the client receives a 401 response, it will prompt the user (you) to enter a user name and a password. This is then sent back to the server, which checks to see if everything is OK and that you do indeed have access to that directory. If all is well, it sends the page with a 200 OK code. Otherwise it sends back an error code and refuses to deliver the page.

HTTP is not the only protocol on the Internet, by the way. There is HTTPS, used for secure transactions (you usually use this when sending credit card details, for example), FTP for uploading files onto the server (can be done with HTTP, but not efficiently), WAP for, well, WAP sites, News for newsgroups and some other rarely-used protocols such as Gopher.


Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members