password protected part of site.

[hargi]

Got to make a simple website that needs part of it password protected, its just going to have one user ID and Password for the moment.
Can someone explane how it works. i know in javascript you can basically do something like if password is incorect go here or if it is correct go to this page.
But obviously people can get to that javascript code and find out the password or the protected webpage address.
What i wanna know is how does the better password protection stuff work.

 

[lozza]

use .htaccess, via your domain control panel

 

[hargi]

ok i found this

AuthName "members area"
AuthType Basic
AuthUserFile /SOMEDIR_OUTSIDE_ROOT/.htpasswd
require valid-user

is the "members area" the folder where i put all the pages i want to be secure?
and where would be a good place to put the htpasswd file

 

[Trigger]

ok i found this

AuthName "members area"
AuthType Basic
AuthUserFile /SOMEDIR_OUTSIDE_ROOT/.htpasswd
require valid-user

is the "members area" the folder where i put all the pages i want to be secure?
and where would be a good place to put the htpasswd file

Did you read any of that??

use .htaccess, via your domain control panel

 

[hargi]

ok i ll word it diferently
should the htpasswd file be in the folder that is been protected.

Dont have a domain control pannel i think i just upload the files to the server.

 

[hargi]

Found out that I cant use Htaccess on our webserver after talking to the network administrator. were using IIS, any other ideas

 

[elkdanger]

Since it's a windows server they'll have to set up a password-protected directory for you using Windows security, which depending on your hosting package they may or may not do this for you.

If not, you'll have to script some sort of protection system yourself. However if it's just to protect some files, this won't cut it.