Trying to create a secure area

Forum Moderators: phranque

Message Too Old, No Replies

Trying to create a secure area

how do i decure indivisual pages?

mikko

10:26 am on Apr 4, 2005 (gmt 0)

I have a friend who has moved from UK to OZ and would like to post pictures to a site with info, but have it password protected so that only his friends and family back home can view he hidden pages.
I am more of a designer than developer so need a little help. I have picked up a free .asp tool that has a user login name and password which seems to work fine.

My MAIN problem that i need help with is, how do i make sure that the page he posts (behind the login screen), are secure and someone can't just guess with www.mydomain.com/holidaypics.htm ie. how do i make for example holidaypics.htm hidden?

Thanks in advance

PS. from the title, clearly i should check my spelling before hitting submit ;)

henry0

11:46 am on Apr 4, 2005 (gmt 0)

About PS
Do you know that you can edit your own posts (at leat for a few minutes)

If you are not a coder then using one of the many free scripts should do the trick.
However those pics will be set, I guess, in a separated folder.
So check your site CP you should have the option to "secure" a file ot a directory.
if you do not find it contact your ISP they will either set it up for you or give you guidance.

mikko

12:42 pm on Apr 4, 2005 (gmt 0)

The problem is, its not so much the pics - its the whole site beyond the login screen.
I dont want people to be able just type in www.mydomain.co.uk/random.htm and be able to access the page, if they typed in the valid link about i would somehow like them to be pointed to the login screen

henry0

1:00 pm on Apr 4, 2005 (gmt 0)

Mikko
this is exactly how it works
it could be a file, a directory ot the whole thing after www
the restricted area calls for a login screen
no way to type the address or bypass the login screen

only those with the correct passowrd will go through the screenng process
Now there are more sophisticated scripts available
where an user may register and get a PW, then you get an email about the new registration and may either let it be in auto mode or be the one giving the green light

mikko

1:31 pm on Apr 4, 2005 (gmt 0)

Thanks Henry0

rocknbil

4:31 pm on Apr 4, 2005 (gmt 0)

how do i make sure that the page he posts (behind the login screen), are secure and someone can't just guess with www.mydomain.com/holidaypics.htm

The easiest way to do this is to create a directory for your hidden stuff and protect it with .htaccess. No scripts required. This only works on a Linux machine. Here's one link (that I hope will be allowed) but if not, google for "htpasswd."
[httpd.apache.org...]

On a Windows server, I think you can do the same thing easily but the system admin has to set the permissions on the directory.