May I know how can I set up a web site with password protection (at the entry / main

[gomcse]

Hi to all,

If I am planning to add password protection feature to keep the public away from entering my trade union site. May I know how can I do so, if my web hosting package does not supoport any database or cgi stuff. (I am only using a very basic web hosting package, it only support Javascript,FrontPage 2000 extensions,Flash and Shockwave)

Please advise.

[nick1]

I think you can use javascript to put a logon on the main page. See http://hotwired.lycos.com/webmonkey/index.html they have a very good tutorial on JavaScript.
HTH

[DemonKnight]

There are plenty of java script password systems on the net. be warned though that any one who knows javascript could probably crack it. (since the pass word is located in the script) you my check www.cgiforme.com I think they had/have a remote cgi-password thing.

[zskillz]

i actually wrote a java applet that reads a txt file that you put on the server. you could hard code a password into the java applet however if you liked I suppose, but I wanted it to be dynamic.... the nice pard of it was that unless the directory is viewable by anyone, I could name the txt file whatever I wanted to, and the chances of someone guessing it were pretty **** slim.

it is possible, and since you can't see the source for on applet (at least not easily), it might be your best solution

[Madcap]

The only thing i have to add is that a friend put a password protection thing on his site and the host took down his site for it! Said he breached his contract. But I think they just wanted tog et rid of him cos it was a free place that started charging for their space and wanted to get rid of all the ppl still not paying

[qball]

See if your web host (ISP) supports network validation (NT/Unix). Probably won't with a basic package as one (the ISP) needs to maintain the list of users. This can be done on the server at the folder level, so all files are protected. This is great for intranets.

Then there is server side validation through scripts (ASP, JSP, CGI...) and maintaining session information.

Lastly, the cheezy javascript/applet solution, but those are browser specific and client side and easily defeated.

May seem a simple task, but security is non-trivial.

[brandon184]

The most basic I've worked with is .htaccess. Seems easy enough to set up, too.

- Brandon

[zskillz]

I never said it was a good solution qball. But if you can't use a server side database or any of that stuff, it may be all that you have. and anyway, no matter what type of security you have, someone can get into it even if they're not supposed to. it just depends if that many people are really going to care about what is there!

-Z

[izzzy12k]

I'd use a javascript placed in a .js file referencing another file (for username and passwords) in a parent directory.

goto www.javascripts.com I've seen some similar type scripts.

izzy

[xtremerider247]

here are a few sites you can find password protection at

<a href="www.javascriptsource.com">java script source.com</a>
<a href="www.instanzscripts.com">instant scripts.com</a>