1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

website security

Collapse
X
1 to 10 of 19 Previous 1 2 template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
1 to 10 of 19 Previous 1 2 template Next
    #1

    website security

    Hi all, me again.

    Just a quick one (oo er missus)

    I am trying to protect a website so only authorised users are aloud to enter, nothing to interesting in their - just some blank work docs etc..

    Any idea how?! i have seen lots of different sites offering ways but most of them allow people to see pwords through the source code... I have seen, ahem, i mean - i have been 'told' that when u goto a porn site someof them have a windows box that pops up (similar to ftp login box) asking for username and password... how would one go about setting that up?

    Or is there a quick, cheap alternative??!

    Thanks!
    Tags: None
    #2
    The pop-up box is just done with standard HTTP basic authentication. Instructions for an Apache server are here - http://httpd.apache.org/docs/1.3/howto/auth.html

    If you are suffering IIS I'm sure you can find the instructions for that on Google somewhere.
    Listen to my last album on Spotify

    Comment

      #3
      give us the URL and I'll have a butchers for ya...

      Older and ...well, just older!!

      Comment

        #4
        Ratewhore,

        Thanks - but has been taken off web until i can arrange the security issues.
        Ill try what bob says - ta

        Comment

          #5
          You can do this on IIS by turning on any of the authentication methods and switching anonymous access off. When someone logins in, a popup will automatically ask for the user to login. You then need to ensure that they have a user account on the server!!!

          Comment

            #6
            Originally posted by Weltchy
            You can do this on IIS by turning on any of the authentication methods and switching anonymous access off. When someone logins in, a popup will automatically ask for the user to login. You then need to ensure that they have a user account on the server!!!
            If you do this, bear in mind that each user will require a CAL on the webserver.

            Alternatively, buy an ISAPI filter that allows you to use Basic or Digest Authentication but store your users in a database or text file, negating the requirement for Windows CAL's

            Comment

              #7
              Maybe i should mention, that net security is not my main skill in life.. so as simple ways as possible is always helpful

              Thanks so far!

              Comment

                #8
                Have a look at this for simplicity

                http://www.2createawebsite.com/enhan...d-protect.html
                Me, me, me...

                Comment

                  #9
                  Originally posted by Cliphead
                  Have a look at this for simplicity

                  http://www.2createawebsite.com/enhan...d-protect.html
                  LOL, what's stopping someone just navigating directly to page2.html in that example?

                  I know HTTP basic authentication isn't 100% secure, but it will keep all but the most determined hacker out. As for that script...
                  Listen to my last album on Spotify

                  Comment

                    #10
                    dickhead - sorry i mean cliphead

                    Knowledge is basic - but not THAT basic..

                    You can not class a site as secure if u can see the password in the source code..

                    Comment

                    Reply to Thread
                    1 to 10 of 19 Previous 1 2 template Next

                    Advertisers

                    1. Contracting
                      1. General
                        1. Brexit
                      2. Business / Contracts
                        1. Coronavirus Assistance
                      3. Accounting / Legal
                        1. Umbrella Companies
                        2. HMRC Scheme Enquiries
                        3. The Future of Contracting
                        4. IR35 Reform
                      4. Technical
                      5. Welcome / FAQs
                    2. Social
                      1. Light Relief
                      2. Social / Events
                    Working...
                    X