Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > HTML > password protecting a folder

Reply
Thread Tools

password protecting a folder

 
 
freemont
Guest
Posts: n/a
 
      01-15-2010
On Fri, 15 Jan 2010 12:56:49 +0000, Doug Miller writ:

> In article <V0Y3n.1479$(E-Mail Removed)>, "rf"
> <(E-Mail Removed)> wrote:
>>And this is where RtS, having been proven wrong, disappears from the
>>thread.

>
> Question: I'm still fairly new here. I've seen a number of people refer
> to him as RtS; apparently the R stands for his name, Richard -- what
> about tS?
>
> I have a few speculations... but I think I'd prefer to keep them to
> myself just now...


It's /not/ "Richard the Super-smart".
--
"Because all you of Earth are idiots!"
¯`·.¸¸.·´¯`·-> freemont© <-·´¯`·.¸¸.·´¯
 
Reply With Quote
 
 
 
 
Beauregard T. Shagnasty
Guest
Posts: n/a
 
      01-15-2010
Doug Miller wrote:

> "rf" <(E-Mail Removed)> wrote:
>> And this is where RtS, having been proven wrong, disappears from the
>> thread.

>
> Question: I'm still fairly new here. I've seen a number of people
> refer to him as RtS; apparently the R stands for his name, Richard --
> what about tS?
>
> I have a few speculations... but I think I'd prefer to keep them to
> myself just now...


<lol> Google for: Richard the St00pid

--
-bts
-Four wheels carry the body; two wheels move the soul
 
Reply With Quote
 
 
 
 
Doug Miller
Guest
Posts: n/a
 
      01-15-2010
In article <hiprml$rrm$(E-Mail Removed)-september.org>, "Beauregard T. Shagnasty" <(E-Mail Removed)> wrote:
>Doug Miller wrote:
>
>> "rf" <(E-Mail Removed)> wrote:
>>> And this is where RtS, having been proven wrong, disappears from the
>>> thread.

>>
>> Question: I'm still fairly new here. I've seen a number of people
>> refer to him as RtS; apparently the R stands for his name, Richard --
>> what about tS?
>>
>> I have a few speculations... but I think I'd prefer to keep them to
>> myself just now...

>
><lol> Google for: Richard the St00pid
>

Ohhhhhhhhh -- he's *that* Richard.
<smacks forehead>
Why didn't I realize that?
 
Reply With Quote
 
cwdjrxyz
Guest
Posts: n/a
 
      01-15-2010
On Jan 15, 4:36*am, "rf" <(E-Mail Removed)> wrote:
> cwdjrxyz wrote:
> > On Jan 13, 9:45 pm, "don" <(E-Mail Removed)> wrote:
> >> I have a folder in my public html folder which I would like to
> >> password protect so that only certain people would be able to open
> >> this link.

>
> >> How would I do this.......... my website is on a Unix hosting
> >> account...........www.mywebsite.com/privateFolder

>
> > You have had many replys that are useful. There is another method that
> > should work on any server. You can create an encrypted self-extracting
> > zip file of a file or whole directory containing many files. You then
> > upload this encrypted zip file to your server. When one goes to the
> > url, you are offered to download it. If you select to download it, you
> > then double click on the encrypted file. A screen comes up asking for
> > a password. If you give the proper password, and enter, the zip file
> > is automatically extracted to give the file or directory containing
> > several files that you protected. Since the protected zip file is an
> > application with extension .exe, that alone will scare many away who
> > do not know you. *If they insist on downloading anyway they are very
> > unlikely to be able to open the file if you use a very long password
> > containing upper and lower case letters and numbers. That is easy
> > enough to produce with a random password generator.

>
> I suggest that you do not offer any further advice on password protecting
> folders.
>
> > For an example, go tohttp://www.cwdjr.net/Aup/fan_dance.exe. The
> > password is althtml . Since this an .exe file, I suggest that anyone
> > who does not know me not try to open it since opening unknown
> > applications from groups can be a dangerous habit.

>
> My browser offers me the *ONLY* option of downloading this file.
>
> How is this an answer to merely requesting a password before viewing, in a
> browser, the contents of some folder?


You download the file no matter when you are required to enter the
password. In the case of my example you download to a selected file on
your computer. If you enter a password while still on the server, you
download to a temporary cache and automatically open the downloaded
file from the temporary cache. Thus the only real extra step in the
method I show is that you have to delete the file when you finish
viewing it, which requires less than 1 second if you are fast - just
right click and select delete.

 
Reply With Quote
 
Doug Miller
Guest
Posts: n/a
 
      01-15-2010
In article <(E-Mail Removed)>, cwdjrxyz <(E-Mail Removed)> wrote:
>On Jan 15, 4:36=A0am, "rf" <(E-Mail Removed)> wrote:
>> cwdjrxyz wrote:
>> > On Jan 13, 9:45 pm, "don" <(E-Mail Removed)> wrote:
>> >> I have a folder in my public html folder which I would like to
>> >> password protect so that only certain people would be able to open
>> >> this link.

>>
>> >> How would I do this.......... my website is on a Unix hosting
>> >> account...........www.mywebsite.com/privateFolder

>>
>> > You have had many replys that are useful. There is another method that
>> > should work on any server. You can create an encrypted self-extracting
>> > zip file of a file or whole directory containing many files. You then
>> > upload this encrypted zip file to your server. When one goes to the
>> > url, you are offered to download it. If you select to download it, you
>> > then double click on the encrypted file. A screen comes up asking for
>> > a password. If you give the proper password, and enter, the zip file
>> > is automatically extracted to give the file or directory containing
>> > several files that you protected. Since the protected zip file is an
>> > application with extension .exe, that alone will scare many away who
>> > do not know you. =A0If they insist on downloading anyway they are very
>> > unlikely to be able to open the file if you use a very long password
>> > containing upper and lower case letters and numbers. That is easy
>> > enough to produce with a random password generator.

>>
>> I suggest that you do not offer any further advice on password protecting
>> folders.
>>
>> > For an example, go tohttp://www.cwdjr.net/Aup/fan_dance.exe. The
>> > password is althtml . Since this an .exe file, I suggest that anyone
>> > who does not know me not try to open it since opening unknown
>> > applications from groups can be a dangerous habit.

>>
>> My browser offers me the *ONLY* option of downloading this file.
>>
>> How is this an answer to merely requesting a password before viewing, in =

>a
>> browser, the contents of some folder?

>
>You download the file no matter when you are required to enter the
>password. In the case of my example you download to a selected file on
>your computer. If you enter a password while still on the server, you
>download to a temporary cache and automatically open the downloaded
>file from the temporary cache. Thus the only real extra step in the
>method I show is that you have to delete the file when you finish
>viewing it, which requires less than 1 second if you are fast - just
>right click and select delete.
>

One thing I think you're missing is that anyone can download such a file,
even people you don't want to download it -- and once I've downloaded the file
to my computer, I can then proceed to crack your password at my leisure, and
there's nothing you can do about it because the file is on *my* machine and
out of your control.

If the directory is password-protected on *your* server, then a
properly-configured server will kick me out after a predetermined number of
unsuccessful attempts.
 
Reply With Quote
 
Jonathan N. Little
Guest
Posts: n/a
 
      01-15-2010
cwdjrxyz wrote:
> On Jan 15, 4:36 am, "rf"<(E-Mail Removed)> wrote:


>> How is this an answer to merely requesting a password before viewing, in a
>> browser, the contents of some folder?

>
> You download the file no matter when you are required to enter the
> password. In the case of my example you download to a selected file on
> your computer. If you enter a password while still on the server, you
> download to a temporary cache and automatically open the downloaded
> file from the temporary cache. Thus the only real extra step in the
> method I show is that you have to delete the file when you finish
> viewing it, which requires less than 1 second if you are fast - just
> right click and select delete.
>


But you are still missing the point, all you have done is password
protected *a* file and not the contents of a folder. The answer on
Apache servers is via .htacess file.

--
Take care,

Jonathan
-------------------
LITTLE WORKS STUDIO
http://www.LittleWorksStudio.com
 
Reply With Quote
 
cwdjrxyz
Guest
Posts: n/a
 
      01-15-2010
On Jan 15, 10:57*am, (E-Mail Removed) (Doug Miller) wrote:
> In article <(E-Mail Removed)..com>, cwdjrxyz <(E-Mail Removed)> wrote:
>
> >On Jan 15, 4:36=A0am, "rf" <(E-Mail Removed)> wrote:
> >> cwdjrxyz wrote:
> >> > On Jan 13, 9:45 pm, "don" <(E-Mail Removed)> wrote:
> >> >> I have a folder in my public html folder which I would like to
> >> >> password protect so that only certain people would be able to open
> >> >> this link.

>
> >> >> How would I do this.......... my website is on a Unix hosting
> >> >> account...........www.mywebsite.com/privateFolder

>
> >> > You have had many replys that are useful. There is another method that
> >> > should work on any server. You can create an encrypted self-extracting
> >> > zip file of a file or whole directory containing many files. You then
> >> > upload this encrypted zip file to your server. When one goes to the
> >> > url, you are offered to download it. If you select to download it, you
> >> > then double click on the encrypted file. A screen comes up asking for
> >> > a password. If you give the proper password, and enter, the zip file
> >> > is automatically extracted to give the file or directory containing
> >> > several files that you protected. Since the protected zip file is an
> >> > application with extension .exe, that alone will scare many away who
> >> > do not know you. =A0If they insist on downloading anyway they are very
> >> > unlikely to be able to open the file if you use a very long password
> >> > containing upper and lower case letters and numbers. That is easy
> >> > enough to produce with a random password generator.

>
> >> I suggest that you do not offer any further advice on password protecting
> >> folders.

>
> >> > For an example, go tohttp://www.cwdjr.net/Aup/fan_dance.exe. The
> >> > password is althtml . Since this an .exe file, I suggest that anyone
> >> > who does not know me not try to open it since opening unknown
> >> > applications from groups can be a dangerous habit.

>
> >> My browser offers me the *ONLY* option of downloading this file.

>
> >> How is this an answer to merely requesting a password before viewing, in =

> >a
> >> browser, the contents of some folder?

>
> >You download the file no matter when you are required to enter the
> >password. In the case of my example you download to a selected file on
> >your computer. If you enter a password while still on the server, you
> >download to a temporary cache and automatically open the downloaded
> >file from the temporary cache. Thus the only real extra step in the
> >method I show is that you have to delete the file when you finish
> >viewing it, which requires less than 1 second if you are fast *- just
> >right click and select delete.

>
> One thing I think you're missing is that anyone can download such a file,
> even people you don't want to download it -- and once I've downloaded the file
> to my computer, I can then proceed to crack your password at my leisure, and
> there's nothing you can do about it because the file is on *my* machine and
> out of your control.
>
> If the directory is password-protected on *your* server, then a
> properly-configured server will kick me out after a predetermined number of
> unsuccessful attempts.


If you use a long password consisting of both upper and lower case
letters and numbers generated by a random password generator, very few
people are qualified to crack it, and those who are must have some
good reason to do so to bother with it. I have cgi on my site(turned
off at the present), which allows download with a password, but it
would be a mistake to think that server side gives complete protection
either. You had better know what you are doing to write server side
scripts used for cgi. If you are not very careful you can end up with
something much worse than having your password protection cracked. You
can end up with your whole site defaced or taken down completely. In
short, there is no absolute method to protect anything on the web or
on your computer. People have spent much money and time attempting to
do so. Protection for DVD encryption and much more elaborate Blu-ray
encryption was soon cracked, and a business on an island state, where
it is not illegal, does a very good business in selling programs to
allow copying of encrypted DVD and Blu-ray discs. And the US CIA, the
Chinese, etc. are very good at cracking encryption if it is in their
interest to do so. Although server side scripting is very powerful for
the owner of the site, it also is very powerful for hackers. And don't
make the mistake of thinking that such problems are very important
only for Microsoft servers. A few years ago some hackers in Brazil
defaced a huge number of sites that were on non-Microsoft servers.
 
Reply With Quote
 
cwdjrxyz
Guest
Posts: n/a
 
      01-15-2010
On Jan 15, 12:08*pm, "Jonathan N. Little" <(E-Mail Removed)> wrote:
> cwdjrxyz wrote:
> > On Jan 15, 4:36 am, "rf"<(E-Mail Removed)> *wrote:
> >> How is this an answer to merely requesting a password before viewing, in a
> >> browser, the contents of some folder?

>
> > You download the file no matter when you are required to enter the
> > password. In the case of my example you download to a selected file on
> > your computer. If you enter a password while still on the server, you
> > download to a temporary cache and automatically open the downloaded
> > file from the temporary cache. Thus the only real extra step in the
> > method I show is that you have to delete the file when you finish
> > viewing it, which requires less than 1 second if you are fast *- just
> > right click and select delete.

>
> But you are still missing the point, all you have done is password
> protected *a* file and not the contents of a folder. The answer on
> Apache servers is via .htacess file.


In my example I am only protecting a file that is a simple jpg. This
and the simple password was to keep the example simple. However you
can equally well protect the contents of a folder containing many
files such as "pic" on my server which contains dozens of images -
after all the basis of the downloaded file is a zip file which could
even include a whole web site, if not too large. This method of course
would not be suitable for protecting php files unless you know all
computers that would download the file can open php local files, and
many can not do so. The viewing computer, in such a case, might then
have to upload the php file to their site to view it. I use an Apache
server, and htacess file is the most easy way to protect. However some
people are on other types of servers, and some on hosted servers have
little or no access to server control panel settings.

 
Reply With Quote
 
dorayme
Guest
Posts: n/a
 
      01-15-2010
In article
<(E-Mail Removed)>,
cwdjrxyz <(E-Mail Removed)> wrote:

....


cwdjrxyz, can you please email me?

I want to ask you something about a DVD of a home-made or semi-pro made
movie (nothing illegal, all decent and the owner even appears in it) I
have and am supposed to upload to youTube. It's a bit tricky. I would
appreciate your advice. Appreciate you using "cwdjrxyz about DVD" as
subject please so I can grab it from junk folder if it is in there...

Otherwise I will have to make a password protected file with my query in
it and send the password via carrier pidgeon! <g>

--
dorayme
 
Reply With Quote
 
cwdjrxyz
Guest
Posts: n/a
 
      01-15-2010
On Jan 15, 4:00*pm, dorayme <(E-Mail Removed)> wrote:
> In article
> <(E-Mail Removed)>,
>
> *cwdjrxyz <(E-Mail Removed)> wrote:
>
> ...
>
> cwdjrxyz, can you please email me?
>
> I want to ask you something about a DVD of a home-made or semi-pro made
> movie (nothing illegal, all decent and the owner even appears in it) I
> have and am supposed to upload to youTube. It's a bit tricky. I would
> appreciate your advice. Appreciate you using "cwdjrxyz about DVD" as
> subject please so I can grab it from junk folder if it is in there...
>
> Otherwise I will have to make a password protected file with my query in
> it and send the password via carrier pidgeon! <g>
>
> --
> dorayme


I have sent you a comment and a return address using the subject label
you suggested. If you do not receive the mail, post here.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Password Protecting a Folder on UNIX-based Website netsurfer Javascript 3 03-21-2005 01:38 PM
password protecting on page on a site RainLover HTML 1 08-04-2004 02:37 PM
Password Protecting a Page Michael HTML 2 04-18-2004 08:44 PM
Need advice on protecting a shared folder Steve Smith Computer Security 3 02-02-2004 11:42 PM
Password protecting areas Jon Agiato ASP .Net 2 08-23-2003 08:37 PM



Advertisments