confused and dazed Posted January 14, 2012 Share Posted January 14, 2012 Hello internet.I used a series of password protect html pages to direct the user to a page only if the password is correct. However, it appears they can just type in the web-address of the destination page and it will load. I want that page to be password protected but I can type it in and it will load. How do I prevent this? Link to comment Share on other sites More sharing options...
boen_robot Posted January 14, 2012 Share Posted January 14, 2012 You can't do that with HTML, JavaScript, or anything running on the client. You need to configure the server to do that.The way you do depends on your web server (Apache, IIS, etc.) and/or server scripting language (PHP, ASP.NET, etc.) of choice. Link to comment Share on other sites More sharing options...
confused and dazed Posted January 14, 2012 Author Share Posted January 14, 2012 Web Server Windows - working with php. Link to comment Share on other sites More sharing options...
boen_robot Posted January 14, 2012 Share Posted January 14, 2012 "Windows" is your OS, not your web server. Your web server is the program that gives the requested files. It could be Apache, IIS (that's bundled with Windows, but may not be what you're using; plus it's a different version at each Windows version), or something else.Here's instructions for Apache. For PHP, it's a little more complicated, because you need to not only define a username and password, but also store them somewhere (e.g. a file outside of your web server or a database), and then fetch the protected content via PHP instead of letting it go directly from the web server. Link to comment Share on other sites More sharing options...
confused and dazed Posted January 14, 2012 Author Share Posted January 14, 2012 Well I have go daddy and I have a windows based server platform with IIS. Looks like PHP will be a hard way to go with windows... maybe I should consider changing my server over to Linux based. Link to comment Share on other sites More sharing options...
boen_robot Posted January 14, 2012 Share Posted January 14, 2012 GoDaddy with IIS? OK... that's what I wanted to know...There needs to be some way in which GoDaddy allows you to register usernames via some sort of control panel. Create the username and password you'll be using for the folder there. Once you do that, create a file called web.config with the following contents: <?xml version="1.0" encoding="UTF-8"?><configuration> <system.webServer> <security> <authorization> <remove users="*" roles="" verbs="" /> <add accessType="Allow" users="USERNAME" /> </authorization> </security> </system.webServer></configuration> (replacing USERNAME with the actual username you registered)and place this file into the folder you wish to protect. Link to comment Share on other sites More sharing options...
confused and dazed Posted January 14, 2012 Author Share Posted January 14, 2012 I called up GoDaddy and they said there is not a way to protect a folder with my windows based server. If I wanted to keep the windows based platform he mentioned there will be a lot of php scripting involved to accomplish this. Otherwise he suggested switching over to a Linux based platform and this would allow my hosting account to easily protect a folder without php scripting. I took his advice and the migration process has started...Thanks for the comments - it started my investigation into a better way to code. Thanks. Link to comment Share on other sites More sharing options...
boen_robot Posted January 14, 2012 Share Posted January 14, 2012 Keep in mind it's theoretically possible (i.e. this is NOT a limitation of Windows per se)... but GoDaddy refuses to do it, because it requires them to create their own admin panel, which apparently they don't have time/desire/incentive to implement. Link to comment Share on other sites More sharing options...
confused and dazed Posted January 14, 2012 Author Share Posted January 14, 2012 Yeah I think I wrote my response a little confusing - the guy did say I can script around the problem with windows based but they could not help with that (as you stated). Thanks for the information. Link to comment Share on other sites More sharing options...
boen_robot Posted January 14, 2012 Share Posted January 14, 2012 Yeah I think I wrote my response a little confusing - the guy did say I can script around the problem with windows based but they could not help with that (as you stated). Thanks for the information.That would've been a solution for your site only.I'm talking that GoDaddy could (if they had the time and desire) design a panel for all of their users, and thus enable easy password protected folders on Windows for you and the rest of their clients.What I'm saying is that if one day you change your host from GoDaddy to someone else... look out for Windows hosting offers as well. Just because they use Windows doesn't inherently mean they don't allow password protection. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.