Protection.

@DanUKAug 03.2004

Hello.

Hope you’re all well!

Just wondering if this is possible with PHP.

We currently have htaccess providing security for our “/secure” directory.

I want to use a login form and protection through PHP, but the problem is this…

All the scripts I’ve found, even from this site, require that there’s code entered onto each php page. This is fine, except I also want to secure EVERYTHING in the directory, including images, .txt files, etc. With htaccess, *anything* that’s requested from the protected directory needs the login…

Is this possible?

We also don’t want to use a MySQL DB, as there’ll only be about 20 logins…

We’re running:
Zeus 4.2
PHP 4.3.2
Linux 2.4.20

Many thanks.

Regards,

to post a comment

PHP

4 Comments(s) _↴

@AdamGundryAug 03.2004 — #You could use [url=http://httpd.apache.org/docs/mod/mod_rewrite.html]mod_rewrite[/url] to convert all URLs into calls to a PHP script. This PHP script could then check the security privileges, then send the content as if nothing had happened. Of course, it would be slightly slower and cause more server load, but it should work fine for most purposes.

The rule would probably look something like this:

RewriteRule ^{^/secure/(.+)$} /secure.php?id=$1

For a handy guide to URL rewriting, check out [url=http://www.sitepoint.com/article/910]this article[/url].

Adam

@Stephen_PhilbinAug 03.2004 — #Can't ya just get apache to check if someone is allowed or not?

@DanUKauthorAug 03.2004 — #Hiya.

Thanks for your replies.

In response to Mr Herer's, yes the HTTPD's protection (htaccess) works absolutely fine. I'm going to start a thread now in the appropriate forum to ask a couple more questions regarding it.

Thanks for the information Adam, I think though I might as well stick with htaccess. I was just wondering whether it was something PHP was designed, and easy to do. Htaccess (statistic wise) that I just researched does the job pretty well. It's not mission critical data, just private data, so we'll continue using htaccess.

Regards,

@ShrineDesignsAug 04.2004 — #a simple security measure would be to chmod all the files in a perticular directory to 0600 or 0700, that should prevent any direct access to those files

Also in #PHP _↴

get file in folder e-commerce hosting in US For loops... To the max

Success!

Help @DanUK spread the word by sharing this article on Twitter...

Tweet This

about: ({
version: 0.1.9 — BETA 5.17,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});

changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...

recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...

Protection.

4 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

Protection.

4 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

4 Comments(s) _↴

Also in #PHP _↴