|
OK as the title suggest you're wanting to restrict access to certain pages on your site. Well that's what were going to discuss here. There are several way to do this.
There are some Java scripts that can be easily bypassed. There is also a component offered by Bitmotion® that requires special scripting language and data base. CoolMaps® also has a component, but it can easily be defeated the same way as the Java scripts. No Coolmaps is not trying to dupe you with it. Its made for users who don't want to get up to their elbows in code, or need a solution as secure as Fort Knox.
If your site is on a Windows® based server, that has one of the supported data bases, and you need a pretty darn good protection setup, and you have the $99 for the Bitmotion® component I recommend you get it.
We will be covering basic protection on Linux based web servers.
So if you're in need of a free way to protect pages and are on a UNIX server, you're in luck, you've come to the right place.
95% of all web servers are running one flavor of UNIX or Linux(a variant of UNIX), and 98% of those servers are running the Apache® web sever from The Apache Software Foundation®. This tutorial will cover how to setup protection on a Linux server running Apache®. Apache® has a built in feature called .htaccess: we're going to be using the .htpassword part of it.
Some background on .htaccess: Some people have probably heard of it and think they have a fair idea of what it can do. Most likely you've only scratched the surface. Those that have heard of it, have probably used it for custom error pages or 404 error trap as there commonly called. If you haven't herd of .htaccess, now you have.
So what is it, and how does it help me protect my pages, you maybe asking. OK the short of it is, it's a configuration file that tells Apache® web server how to handle files and directories. It is simply a ASCII format file. Technically it's a file extension. It is not file.htaccess or somepage.htaccess, it is simply named .htaccess It is used for almost any configurable part of the apache web server.
So how do we use it to password protect a directory? It's quite simple, really.
But! First things first. We need to do a couple things before we begin.
- Make sure your server doesn't have built in password protection feature in the control panel that uses .htaccess. Check with your host or ISP.
- Get a file editor that will save in UNIX format. TexPad® is one that I use. You can get a trial version from their web site here. Note: The rest of this tutorial assumes you using TextPad®.
- You need a way to created encrypted passwords. This web site has a nice script that will do it for you.
- You need a 3rd party FTP client that support's the Chmod command. You can get one here.
Note: This tutorial assumes your using CuteFTP Pro®.
- You'll also need to know how to invoke the following command so that you can view .htaccess and .htpasswd files. The command is "-la" with out the quotes. How you invoke it is different in different FTP clients.
Click Here to See how to do it in CuteFTP Pro
- Create the directory were going to place our protected pages in.
- The system path to that directory that is outside of the web root. i.e. something like: /usr/local/var/
Note: This path varies from server to server so check with your provider for the proper path.
Click the Next button below to continue.
|
