Protected access to the Web presentation-HTTP Access
In the framework of our services you can use to ensure the protected access to a part of your Internet presentation, i.e., that the anonymous website visitor could not get to a certain directory of your disk space HTTP.
This is about removing the rights of anonymous users within your domain to a specific directory or files. It is also possible to assign another user names for protected access. To view the contents of pages or documents in this folder, then it will be possible to enter user credentials in the Special dialog box.
Password protection is one of the most useful features of file .htaccess. This is the most reliable protection from all. Create a zaheslované folder requires the creation of 2 files .htaccess and .htpasswd. These are hidden files that do not have a name, but only the extension (extension). Both files, you can edit the text editor.
.htaccess
First, we add to the file .htaccess required commands and put it in a folder that we want to pass word:
AuthUserFile /cesta/.htpasswd
AuthGroupFile /dev/null
AuthName "Název sekce"
AuthType Basic
require valid-user
Here "section name" is any caption of the folder you wish to pass word, such as "friends".
Then the/path is the absolute path to the .htpasswd file. You can place the htpasswd file to any folder, and may designate the .htpasswd. For security reasons, but it is recommended that .htpasswd positioned above Your main folder. That's because the file couldn't find the listing of folders of your domain. If you have a paid Web site, the server would protor for you should already be a special folder to store sensitive data.
If you don't know the path to your domain, you can run the PHP function phpinfo (), which lists the monitor server settings. Create a page with the extension of php (e.g. php phpinfo.) and insert this code:
<?php phpinfo () ?>
Save the page to the server and run in the browser. You should see a table with the settings of the server. In the table "PHP variables" should the item be _SERVER ["DOCUMENT_ROOT"] or similar. This is the absolute path to the main folder of your domain.
.htpasswd
.Htpasswd file contains user names and passwords, which will have access to the protected folder.
To the file .htpasswd, add the user names and passwords in this format:
uživatel1:heslo1
uživatel2:heslo2
uživatel3:heslo3
Password, you must encrypt the PHP function of the crypt themselves (). Here's the finished script that performs this. Create a page with the extension of php (e.g. sifrovak. php) and insert this code:
<html>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=windows-1250' />
<title>Šifrovák</title>
</head>
<body>
<h1>Šifrovák</h1>
<form action="<?php echo $PHP_SELF ?>" method="post">
Heslo k zašifrování:
<br /><input type=text name=heslo />
<input type="submit" name="submit" value=" jdi " />
</form>
</body>
</html>
<?php
$submit = $_REQUEST['submit'];
if (isset ($submit)) {
$heslo = $_REQUEST['heslo'];
$zasifrovane = crypt ($heslo);
if (crypt ($heslo, $zasifrovane) == $zasifrovane)
echo "<br />Heslo: $heslo = <span style='background:yellow;color:black;'>$zasifrovane</span>";
else
echo "<br />Došlo k chybě v šifrování.";
}
?>
Encrypt you must perform on his Web site, where you will have the zaheslovanou folder. Does not have to do it on some other site, because different servers encrypted in different ways. Sifrovak. php page to save to the server and run in the browser. Encrypt the password, one after another, always copy the clip to the file .htpasswd.
uživatel1:zasifrovane_heslo1
uživatel2:zasifrovane_heslo2
uživatel3:zasifrovane_heslo3
Additional users can be added as additional lines of the file .htpasswd.
Then, if someone tries to access the zaheslované folder, the browser prompts the user to insert the user name and password. There are also the server modules that display this dialogue as part of the page. You can also send user name and password (unencrypted) in the URL:
http://uzivatel: heslo@www.server.cz/slozka/