472,992 Members | 3,576 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > securing host username password

Join Bytes to post your question to a community of 472,992 software developers and data experts.

securing host username password

hi-

i am going through the process of password protecting a directory using
..htaccess and .htpasswd

i am experiencing difficulty. so my question is without making life
anymore difficult is if the webhost already has a password protected
directory option is this secure enough? i dont need password protection
at
the directory level and at the file level do i? i want to protect the
php_include files that will contain my $host $username $password.

here is what i did only so you dont think i am totaly crazy.

AuthUserFile /home/file_access/.htpasswd
AuthName EnterPassword
AuthType Basic

require usernamegoeshere

i put .htaccess in a directory like
publichtmlfolder/php_include
i put usernamegoeshere : encryptedstringgoeshere

i must be missing some little step. i uploaded ascii.
i just dont know. i am at a loss.
note: it isnt even displaying the EnterPassword in the password dialog.
It seems to be the password directory dialog for logging on to
ipowerweb.
The only thing i can say looks even partially right is when i type in
mydomainname/php_include i am prompted with the password dialog.

thanks. sorry for the confusion :-)
jim

Jul 17 '05 #1
5 2093
note: it isnt even displaying the EnterPassword in the password dialog.
It seems to be the password directory dialog for logging on to
ipowerweb.

thanks. sorry for the confusion :-)
jim


oops. yes it does display EnterPassword in the dialog.
just tried it under netscape instead of IE browser.
still no luck. maybe i will find a different site for generating
the encryption.

any suggestions are appreciated.

thanks.
Jul 17 '05 #2
hi-

i tried so hard at this tonight. i basically wasted my whole friday night
trying to get this to work and am not happy about it :-(

here is what i tried different (it should work $%#@!D )

i put this in a file named .htaccess

AuthUserFile /home/3rdshift/public_html/.htpasswd
AuthName EnterPassword
AuthType Basic
require user telzonking

i put this in a file named .htpasswd

telzonking : 95Mn1arkwMSyc

i upload them using ascii mode

..htaccess was placed in directory i want protected

..htpasswd got placed in my public_html folder

i must be cursed!!!!!!!!!!!!!!!!!!!!!!!!!!

thanks for any suggestions
jim
Jul 17 '05 #3
hi-

i read in a thread some advice to enable the appache error log
on the ipower webserver. i did this. it could take up to
24 hours.

i will be curious to see what it has to say.

later
Jul 17 '05 #4
"j-marvin" <cu******@service.boy> wrote in
news:Xn*************************@24.24.2.165:
hi-

i read in a thread some advice to enable the appache error log
on the ipower webserver. i did this. it could take up to
24 hours.

i will be curious to see what it has to say.

later


hi-

the error log at ipowerweb helped. that was good advice.

one of the things i did it didnt like was leave
spaces in my username : password.
i changed it to username:password and it works.

i also had trouble understanding a server path versus a
relative url path. i'd test my relative url paths and
they'd work but i needed to use a server path instead.
for instance /home/3rdshift/public_html/.htpasswd is
the same as <a href= "/.htpasswd"></a> but i couldnt
use href style relative paths in the .htaccess file.

i hope this explanation helps someone in the future.

so anyways it works now.
thanks,
jim

Jul 17 '05 #5
.oO(j-marvin)
i am going through the process of password protecting a directory using
.htaccess and .htpasswd

i am experiencing difficulty. so my question is without making life
anymore difficult is if the webhost already has a password protected
directory option is this secure enough? i dont need password protection
at
the directory level and at the file level do i? i want to protect the
php_include files that will contain my $host $username $password.


Why not simply put the includes outside of the document root? Then you
don't need HTTP authentication, because the files are not accessible
with HTTP.

Micha
Jul 17 '05 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Maybe easy - securing php files containing DB access passwords etc.
by: Dave Smithz | last post by:
Hello there, In summary: How to make my password protected php scripts available for use to public, without letting them do anything they want to DB. Previously a shared hosting hosted MySQL...
PHP
1
Securing a ASP web application
by: Graeme Coutts | last post by:
Developed a web application which adopts a custom security model which displays a login page and requests a username/password combination. The username works in a mixed-mode of usernames matched with...
ASP / Active Server Pages
0
Securing a file
by: RamseytheScot | last post by:
At the moment we have a httphandler. This handler connects to services and redirect messages to this service. To use this service you have to log on using a Username and Password. This Username and...
.NET Framework
11
Securing hashing algorithm
by: Wm. Scott Miller | last post by:
Hello all! We are building applications here and have hashing algorithms to secure secrets (e.g passwords) by producing one way hashes. Now, I've read alot and I've followed most of the advice...
C# / C Sharp
3
Securing SQL connection strings
by: Tyson Marchuk | last post by:
Hello, Background info Kind of new to using databases and I'm writing an app in C# which connects to a MySQL database. I was using the ODBC connector and a DSN entry to connect to the database...
C# / C Sharp
4
Securing dB connection string in Web.config
by: Charlie | last post by:
Hi: I'm storing my dB connection in web.config file. Since it will be easily read by opening file, what is a good way to secure it? Thanks, Charlie
ASP.NET
1
Securing a web service
by: Scott McChesney | last post by:
Folks - We are running around and around here on a project we're developing, and I'm getting to the point that I don't know what I do and don't know. So I need some assistance. We are...
ASP.NET
6
Securing web service
by: John | last post by:
Hi How can I make sure that no one else can call and receive data from my web methods? Thanks Regards
.NET Framework
10
Re: Advice on securing a sensitive Access database
by: Les Desser | last post by:
In article <fcebdacd-2bd8-4d07-93a8-8b69d3452f3e@s50g2000hsb.googlegroups.com>, The Frog <Mr.Frog.to.you@googlemail.comMon, 14 Apr 2008 00:45:10 writes Thank you for that. It was very...
Microsoft Access / VBA
0
React to native button blinking effect
by: lllomh | last post by:
Define the method first this.state = { buttonBackgroundColor: 'green', isBlinking: false, // A new status is added to identify whether the button is blinking or not } autoStart=()=>{
Software Development
0
How to find best mobile app development company in usa
by: Aliciasmith | last post by:
In an age dominated by smartphones, having a mobile app for your business is no longer an option; it's a necessity. Whether you're a startup or an established enterprise, finding the right mobile app...
Mobile Development
0
tracyyun
Can faster file sharing be achieved by connecting computers simultaneously via WiFi and LAN cables
by: tracyyun | last post by:
Hello everyone, I have a question and would like some advice on network connectivity. I have one computer connected to my router via WiFi, but I have two other computers that I want to be able to...
Networking - Hardware / Configuration
2
Energy Model code modification to account for year dependent interest rate
by: giovanniandrean | last post by:
The energy model is structured as follows and uses excel sheets to give input data: 1-Utility.py contains all the functions needed to calculate the variables and other minor things (mentions...
Python
1
Report value list
by: Teri B | last post by:
Hi, I have created a sub-form Roles. In my course form the user selects the roles assigned to the course. 0ne-to-many. One course many roles. Then I created a report based on the Course form and...
Microsoft Access / VBA
3
Finding a record, and then saving a new record after the record has been amended.
by: nia12 | last post by:
Hi there, I am very new to Access so apologies if any of this is obvious/not clear. I am creating a data collection tool for health care employees to complete. It consists of a number of...
Microsoft Access / VBA
0
NeoPa
VBA Class Basics (Report Class)
by: NeoPa | last post by:
Introduction For this article I'll be focusing on the Report (clsReport) class. This simply handles making the calling Form invisible until all of the Reports opened by it have been closed, when it...
Microsoft Access / VBA
4
Take a Database to the Next Level
by: GKJR | last post by:
Does anyone have a recommendation to build a standalone application to replace an Access database? I have my bookkeeping software I developed in Access that I would like to make available to other...
Microsoft Access / VBA
3
SueHopson
Applying ComboBox filters Sequentially
by: SueHopson | last post by:
Hi All, I'm trying to create a single code (run off a button that calls the Private Sub) for our parts list report that will allow the user to filter by either/both PartVendor and PartType. On...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2023
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!