Password Protecting A Folder On UNIX-based Website
Jul 23, 2005
I'm working on a project that requires files to be password
protected on a UNIX based site. The people that own the web site want
to be able to change the password every so often. Unfortunately, I
have restricted access only to FTP so I really can't log in to any kind
of Administrative Console or Admin Panel and see if there are folders
that can be password protected and then have passwords changed on them.
The people I'm contracted to work on the site for aren't the most
computer savvy people though....so..my question is:
Is there a user friendly way of password protecting a folder on a UNIX
based site?
If you click on 'Tide' you can see the password prompt appears. But the problem I am having is that even if you press cancel or do the wrong password a few times it still open up the shadow box.
This is the script for the password protection
This is an example of how a working (non shadowbox) version works successfully.
I am trying to hide my JavaScript source. The method I chose was to keep all the important source in a password protected folder, and then use a SRC="folder/script.js" to include it in my code. This way, the script will run, but the user will be unable to view the included code. Or so I think :).
I have tried this method, and it seems to work. However, I would like to know if you can see any problems with this. For instance, can you think of a way to bypass this and get at script.js? Can you foresee any problems that would arise as a result of keeping scripts behind password protected folders? Any other security concerns?
I have often noticed that most times when we register to a website it asks for a long length password. Why is this so?? What not use shorter length passwords as it would be much more easier to learn.
Originally I had the following code. What it does is for a user to type the folder name of their choice and then after clicking submit a window will pop open and they will be taken to "C:folder" (assuming the user typed "folder" and such a folder existed). Here is the code in case I wasn't clear.
I'm trying to get a lightbox running on the following page: [URL] I think the problem is a conflict between the imageflips I'm using and the lightbox script:
We've developed a web application with static & iframes, each time we interact with the links in the static frame gives results in the iframe. it has a custom back button in the static menu frame. this back button working fine in IE7 IE8 but not properly working in IE9 it goes 3 sometimes 4 pages back.
we are using history.go(-1) is there any other way to make it work in IE9, even pressing the Backspace key wont work. we've tried many ways but no use.
i have created one simple login form with 5 fields namely username,email id,password,retype password and phone no.i have created alert message for each function,so that when there is an error it displays alert message..now i have to replace all alert messages with inline validation(displays errors beside textbox).
below is the code for simple login form having fields username,email id,password,retype password and phone no. i have done inline validation forcheckName() .i am not getting for the other fields can u tell me how to do it..
I'm having trouble getting two password boxes to work on the same page, which I created using the JavaScript Kit Encrypted Password Generator [URL].
I've used the code that this generator produces, with some modifications as given by cheesebagpipe [URL]. These changes enable the user to press the keyboard's enter key to submit the password (as an alternative to clicking the submit button), and will also refocus the text box and select the text in it if the user enters the wrong password.
The code works fine on pages with just one box (e.g. [URL]), but what changes are needed to make two work on the same page? (I'm new to web design and clueless when it comes to JavaScript, which I know isn't the most secure method of password protection, but will do for now).
At the moment, on pages with two boxes (e.g. [URL]), neither of the boxes work; this appears in the address bar instead: [URL] ('help!'=whatever has been entered in the text box).
This is a secure solution for password protection with JavaScript. It works by encrypting the password and the content. Nothing is revealed in the source code, and it cannot be beaten by disabling JavaScript.
The download contains three files:
Protect Content.html lets you generate your own protected content.
Demo.html is a protected document, and as long as it remains unbroken, it's your proof that this software works. You can also use it as a template for your own protected pages.
Demo, with hint.html is another protected document that tells you the password. This is meant to show that the first demo is not a trick or a fake.
<%@ Language=VBScript EnableSessionState=False %> <%Option Explicit%> <% Response.Buffer = True Response.Expires = 0 'Prevents caching of the content %> <% Dim strScripts Dim ipsp, iFNum Dim fso, file Dim strReferer Dim bRM = False
Dim Scripts(13) Scripts(0) = "Script1.js" ... Scripts(13) = "Script13.js"
strReferer=Request.ServerVariables("HTTP_REFERER") 'compare referer to the address of the page that uses the 'scripts and continue only if matches. This will allow access 'only by your file
strScripts=Request.QueryString("Scripts") set fso = Server.Createobject("Scripting.FileSystemObject")
While Len(strScripts) > 0 ipsp = InStr(1,strScripts,",") If ipsp = 0 Then iFNum=CInt(strScripts) strScripts="" Else iFNum=CInt(Left(strScripts,ipsp-1)) strScripts = Right(strScripts, Len(strScripts) - ipsp) End If set file = fso.opentextfile(Server.MapPath(Scripts(iFNum)), 1) Response.Write(file.ReadAll) file.close set file = nothing
Wend
set fso = nothing
%>
Hope this will extinguish some of the code protection debates. If you see holes in the suggested approach let me know. It still does not protect from net traffic sniffers ....
I made a form, but I don't want just anyone to be able to use it. So I was wondering if it was possible for the page to check if they were logged into my forum.
I website I've seen recently uses a clever technique, which I'm still working to figure out. When you go to view an image, a pop-up window opens -- the image is downloaded (non-cached) and then some javascript (presumably) loads a replacement image in its place (it's not displayed) -- when you go to save it, you get the dummy image.
Further, they make some javascript call (presumably, or jquery) to replace the document content of that page, so when you do a View Source, you get something totally different.
How this is actually working, and whether something like that could be cross-browser supported.
I have designed a template for a script in html and planning to sell it, but i am too concerned with piracy because i need money urgently for my further studies and piracy will ruin it,
So is there anyway you can suggest from protecting it?
The 1 way i have in mind is the first time the template loads it send the domain name using the template to my site and automatically placing a php file in another directory so that if i find the user malicious (using the pirated copy) i can disable the template and request him to buy a legitimate copy.
And can that javascript be divided into parts? like 1 part in header another in body and so on, so that it is hard to find the code.
I know there is no 100% full proof way of securing but having done little from our side can also help us avoid few pirate's .
ive recieved a counter that ads up a fixed value per second starting from 01-01-03.
This java script acts perfectly on MSwindow based system but when shown on an UNiX-like system the script presents a negative value resp. adding up or down. How can i correct this?
I am trying to prevent an email address from being spammed as spammers use spidering tools to scan the internet for exposed email addresses in plain text.
I am using a technique and I'm not sure whether it will deter spam bots.
I have an external Javascript file with the following variables:
var usr = "mark"; var at = "@"; var domain = "fullmarksdrivingschool.co.uk";
[Code].....
When I open the web page in a browser the email address displays correctly but does this technique work to prevent spammers from indexing the email address?