Welcome to WebmasterWorld Guest from

Forum Moderators: incrediBILL

Message Too Old, No Replies

Caching problem



5:39 pm on Feb 12, 2012 (gmt 0)

Hi .

I have a webpage that is password protected via .htaccess .htusers
the problem i have is that if you log into the page the come out of it and follow the link back in it allows access without asking for the username and password i would like to stop this .

Is it something i can stop via the page itself

Thnaks Pete .


6:16 pm on Feb 13, 2012 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

This is not a caching problem. What keeps the user logged in, and "connected" to the site, separate from other users? A cookie. Without other options,this is a session cookie that dies only after you close the browser. Solution: modify your login scheme to allow the cookie to expire, or, create a logout scheme that deletes the cookie.


7:11 pm on Feb 13, 2012 (gmt 0)

Humm i was not aware that the .htaccess would create a cookie i certainly have not set any cookies i basically dont like them

Pete .


5:00 pm on Feb 14, 2012 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

Cookies are your friend, they're what keep you connected to the website. When you place an item in a cart, that's what is keeping you connected to YOUR cart, a cookie. It's what's keeping you logged in to this site. Even PHP sessions use the PHPSESSID cookie. They get a bad rap because of the attempts at abuse, but generally they are a harmless bit of info and as programmers we'd be pretty much lost without them (although, you should always program for ways to handle connections should they be disabled.)

Cookies set for auth methods in .htaccess are generally session cookies (die when the browser closes) but if you dig through the documentation I'm **pretty sure** there's a way to set their life, make them persistent, and un-set them.


5:31 pm on Feb 14, 2012 (gmt 0)

HUmmm that sort of defeats the object they need to die the instant you come out of the page in question this makes life very hard indeed .
In that case i need to look at it from a differnet angle once a user has accessed the page in question one time they will no longer get in again a one time password

Featured Threads

Hot Threads This Week

Hot Threads This Month