473,386 Members | 1,720 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > securing host username password

Join Bytes to post your question to a community of 473,386 software developers and data experts.

securing host username password

hi-

i am going through the process of password protecting a directory using
..htaccess and .htpasswd

i am experiencing difficulty. so my question is without making life
anymore difficult is if the webhost already has a password protected
directory option is this secure enough? i dont need password protection
at
the directory level and at the file level do i? i want to protect the
php_include files that will contain my $host $username $password.

here is what i did only so you dont think i am totaly crazy.

AuthUserFile /home/file_access/.htpasswd
AuthName EnterPassword
AuthType Basic

require usernamegoeshere

i put .htaccess in a directory like
publichtmlfolder/php_include
i put usernamegoeshere : encryptedstringgoeshere

i must be missing some little step. i uploaded ascii.
i just dont know. i am at a loss.
note: it isnt even displaying the EnterPassword in the password dialog.
It seems to be the password directory dialog for logging on to
ipowerweb.
The only thing i can say looks even partially right is when i type in
mydomainname/php_include i am prompted with the password dialog.

thanks. sorry for the confusion :-)
jim

Jul 17 '05 #1
5 2120
note: it isnt even displaying the EnterPassword in the password dialog.
It seems to be the password directory dialog for logging on to
ipowerweb.

thanks. sorry for the confusion :-)
jim


oops. yes it does display EnterPassword in the dialog.
just tried it under netscape instead of IE browser.
still no luck. maybe i will find a different site for generating
the encryption.

any suggestions are appreciated.

thanks.
Jul 17 '05 #2
hi-

i tried so hard at this tonight. i basically wasted my whole friday night
trying to get this to work and am not happy about it :-(

here is what i tried different (it should work $%#@!D )

i put this in a file named .htaccess

AuthUserFile /home/3rdshift/public_html/.htpasswd
AuthName EnterPassword
AuthType Basic
require user telzonking

i put this in a file named .htpasswd

telzonking : 95Mn1arkwMSyc

i upload them using ascii mode

..htaccess was placed in directory i want protected

..htpasswd got placed in my public_html folder

i must be cursed!!!!!!!!!!!!!!!!!!!!!!!!!!

thanks for any suggestions
jim
Jul 17 '05 #3
hi-

i read in a thread some advice to enable the appache error log
on the ipower webserver. i did this. it could take up to
24 hours.

i will be curious to see what it has to say.

later
Jul 17 '05 #4
"j-marvin" <cu******@service.boy> wrote in
news:Xn*************************@24.24.2.165:
hi-

i read in a thread some advice to enable the appache error log
on the ipower webserver. i did this. it could take up to
24 hours.

i will be curious to see what it has to say.

later


hi-

the error log at ipowerweb helped. that was good advice.

one of the things i did it didnt like was leave
spaces in my username : password.
i changed it to username:password and it works.

i also had trouble understanding a server path versus a
relative url path. i'd test my relative url paths and
they'd work but i needed to use a server path instead.
for instance /home/3rdshift/public_html/.htpasswd is
the same as <a href= "/.htpasswd"></a> but i couldnt
use href style relative paths in the .htaccess file.

i hope this explanation helps someone in the future.

so anyways it works now.
thanks,
jim

Jul 17 '05 #5
.oO(j-marvin)
i am going through the process of password protecting a directory using
.htaccess and .htpasswd

i am experiencing difficulty. so my question is without making life
anymore difficult is if the webhost already has a password protected
directory option is this secure enough? i dont need password protection
at
the directory level and at the file level do i? i want to protect the
php_include files that will contain my $host $username $password.


Why not simply put the includes outside of the document root? Then you
don't need HTTP authentication, because the files are not accessible
with HTTP.

Micha
Jul 17 '05 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Maybe easy - securing php files containing DB access passwords etc.
by: Dave Smithz | last post by:
Hello there, In summary: How to make my password protected php scripts available for use to public, without letting them do anything they want to DB. Previously a shared hosting hosted MySQL...
PHP
1
Securing a ASP web application
by: Graeme Coutts | last post by:
Developed a web application which adopts a custom security model which displays a login page and requests a username/password combination. The username works in a mixed-mode of usernames matched with...
ASP / Active Server Pages
0
Securing a file
by: RamseytheScot | last post by:
At the moment we have a httphandler. This handler connects to services and redirect messages to this service. To use this service you have to log on using a Username and Password. This Username and...
.NET Framework
11
Securing hashing algorithm
by: Wm. Scott Miller | last post by:
Hello all! We are building applications here and have hashing algorithms to secure secrets (e.g passwords) by producing one way hashes. Now, I've read alot and I've followed most of the advice...
C# / C Sharp
3
Securing SQL connection strings
by: Tyson Marchuk | last post by:
Hello, Background info Kind of new to using databases and I'm writing an app in C# which connects to a MySQL database. I was using the ODBC connector and a DSN entry to connect to the database...
C# / C Sharp
4
Securing dB connection string in Web.config
by: Charlie | last post by:
Hi: I'm storing my dB connection in web.config file. Since it will be easily read by opening file, what is a good way to secure it? Thanks, Charlie
ASP.NET
1
Securing a web service
by: Scott McChesney | last post by:
Folks - We are running around and around here on a project we're developing, and I'm getting to the point that I don't know what I do and don't know. So I need some assistance. We are...
ASP.NET
6
Securing web service
by: John | last post by:
Hi How can I make sure that no one else can call and receive data from my web methods? Thanks Regards
.NET Framework
10
Re: Advice on securing a sensitive Access database
by: Les Desser | last post by:
In article <fcebdacd-2bd8-4d07-93a8-8b69d3452f3e@s50g2000hsb.googlegroups.com>, The Frog <Mr.Frog.to.you@googlemail.comMon, 14 Apr 2008 00:45:10 writes Thank you for that. It was very...
Microsoft Access / VBA
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!