Protecting files on your website from unauthorised users can be very important.
Even more important is the method by which you accomplish this task. You could use PHP to listen for login authorisation information on each page, but that doesn't protect your images, documents, and other media, does it? That's why I've found the .htaccess method of protecting files and directories the most reliable. Oh, and it's easy too!
#The system requires two files -- the
Even more important is the method by which you accomplish this task. You could use PHP to listen for login authorisation information on each page, but that doesn't protect your images, documents, and other media, does it? That's why I've found the .htaccess method of protecting files and directories the most reliable. Oh, and it's easy too!
#The system requires two files -- the
.htaccess file and .htpasswd file.The .htaccess Code
AuthType Basic AuthName "Restricted Area" AuthUserFile /D:/wamp/www/.htpasswd require valid-user
The above code protects a directory called "protect-me-dir" at root level. The "AuthUserFile" value is always specific to your hosting configuration. If you don't know what the value should be, do a
phpinfo() and find the DOCUMENT_ROOT value.The .htpasswd Code
admin:$apr1$aeOcLzyJ$vRQ0ym4uPAkznimwNfkrd1 superadmin:$apr1$iZyYiOxo$wY2X0Yb/6wOSBKaxzs6/5/
The
.htpasswd file contains the usernames and passwords of allowed users. One per line. The passwords are MD5'd for security purposes.
To generate encrypted passwords for your
.htpasswd file, you can use my .htaccess password generator.
No comments:
Post a Comment