1. This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
    For information on cookies and how you can disable them visit our Cookie Usage page.
    Dismiss Notice

PHP Password protecting a website

Discussion in 'Web Development' started by Jodah, Jul 14, 2005.

  1. Jodah

    Jodah New Member

    Is PHP used for this? If not, what code is used to password protect a website? (Besides the basic java script codes).

    Also, do you have any links for snippets of this code?
     
  2. Mimoun

    Mimoun Administrator Staff Member Director Verified Member

    The best and most secure way would be to use .htpasswd and .htaccess files.
    You can protect your entire site or just 1 folder.
    Here is how you have to create .htpasswd and .htaccess files:
    First make a file and name it .htaccess and put the file in the folder you want to protect. Here is the code you have to put in the .htaccess file, first line defines the location of the .htpasswd where your passwords are encrypted.
    It's important that you don’t place your
    .htpasswd file www or public_html folder.
    Place it in the root or a folder in the root.
    Code for the
    .htaccess file
    Code:
    AuthUserFile /home/youraccountname/.htpasswd
    
    Add this in the .htaccess too file
     AuthGroupFile /dev/null
     AuthName "Private Area"
     AuthType Basic
     <Limit GET POST>
     require valid-user
     </Limit>
     
    Create a .htpasswd file here you will put your username and an encrypted password
    Code:
    myname:cGyUX9QugYMgE
    Here is a great site to create your .htaccess and .htpasswd files online
     
  3. onekoolman

    onekoolman New Member

    You can use dirpass.cgi, lookup dirpass, it makes it simple, but only works if you have a cgi, cgi-bin directory to put it in, if you need help post here.
     
  4. Dragosse

    Dragosse New Member

    Can you, Mimoun please explain for me way is PHP and MY SQL not secure to password protect website?

    Dragosse
     
  5. Mimoun

    Mimoun Administrator Staff Member Director Verified Member

    I didn't say php and mysql is not secure you can build a secure script, but you will have to watch out while coding to not have SQL leaks in your source code. You will have to check every input a user makes.
    That's why I think using .htaccess is more secure.
     
  6. Jodah

    Jodah New Member

    Thanks for the help, muchly appreciated.
     
  7. Dragosse

    Dragosse New Member

    Thanks, for the information.
    I will tray to use my sql. I like to have control of al code and I thinking if I put it in the sql then everything is on one place.

    Dragosse
     
  8. daibt

    daibt New Member

    Thank you !
     
  9. Dark Lord

    Dark Lord New Member

    If you go to zymic.com they have a real simple one, I had to use this when i had my site on a free host because it did not allow .htaccess files.
     
  10. fairdoes

    fairdoes Member

    dirpass.cgi from lockedarea.com - highly recommended :)
     
  11. fairdoes

    fairdoes Member

  12. fairdoes

    fairdoes Member

    Many web hosts (e.g 1and1.com) now include password protection, for free, as part of their hosting package
     
  13. Graciella

    Graciella New Member

    Any hosting company that use Cpanel or Hsphere have option to protected your files or directory.
    If your hosting company use something else and does not have then is htaccess + htpasswd easy and safest option.