Loading ...
Sorry, an error occurred while loading the content.

[NH] Re: members' only area

Expand Messages
  • Lawrence M Hamilton, Jr.
    Chris, On Mon, 15 Nov 1999 09:19:09 -0800 chrispye@woodcarver.force9.co.uk ... There is no way to do this with HTML alone. If you are on an ISP that lets you
    Message 1 of 12 , Nov 15, 1999
    • 0 Attachment
      Chris,

      On Mon, 15 Nov 1999 09:19:09 -0800 chrispye@...
      writes:
      >
      > I want to create a 'members' only' page on my website for downloads
      > and special information - to be accessed through a password, individual

      > to (chosen by) the member. How do I do this? I'm writing in HTML4.
      > Thanks in advance!
      > Chris

      There is no way to do this with HTML alone. If you are on an ISP that
      lets you write CGI or other scripts, or gives access to them, you can do
      this. The only other way is to use javascript, and Joe Bart, a fellow
      NoteTabber has a tutorial done in HTML form to use a javascript he
      developed called Gatekeeper. I use the older version, only because I have
      not had time to implement his latest version. He also has some very
      well-done HTML tutorials.

      Here is the URL:

      http://junior.apk.net/~jbarta/


      Larry Hamilton, Jr. lmhamilton@...
      Hamilton National Genealogical Society, Inc.
      http://www.HamiltonGenSociety.org/
      My Web Site: http://notlimaH.tripod.com


      ___________________________________________________________________
      Get the Internet just the way you want it.
      Free software, free e-mail, and free Internet access for a month!
      Try Juno Web: http://dl.www.juno.com/dynoget/tagj.
    • Lawrence M Hamilton, Jr.
      Grant, Thanks for the link! I had to check it out since I went to school in Rolla, MO (UMR). I was in the first year of students that did not have to do
      Message 2 of 12 , Nov 15, 1999
      • 0 Attachment
        Grant,

        Thanks for the link! I had to check it out since I went to school in
        Rolla, MO (UMR). I was in the first year of students that did not have to
        do programming with punchcards (fall 1983).

        On Tue, 16 Nov 1999 08:54:05 +1300 "Grant" <emerge@...> writes:
        > For an ASP solution try this article from the great 4guysfromrolla
        > site.
        >
        > Password Protecting Your Site By Rob Taylor
        > http://www.4guysfromrolla.com/webtech/080899-1.2.shtml


        Larry Hamilton, Jr. lmhamilton@...
        Hamilton National Genealogical Society, Inc.
        http://www.HamiltonGenSociety.org/
        My Web Site: http://notlimaH.tripod.com

        ___________________________________________________________________
        Get the Internet just the way you want it.
        Free software, free e-mail, and free Internet access for a month!
        Try Juno Web: http://dl.www.juno.com/dynoget/tagj.
      • Grey Cat
        While you can get java apps which will let you password a web page, an easier solution is to just give the name of the page to those who are allowed on it.
        Message 3 of 12 , Nov 15, 1999
        • 0 Attachment
          While you can get java apps which will let you password a web page, an
          easier solution is to just give the name of the page to those who are
          allowed on it. i.e. wanttoknow.com/secrets.html

          With this, regular surfers will just go to wanttoknow.com and only your
          chosen ones will know to type in the extra page name!

          Cat
          ----- Original Message -----
          From: <chrispye@...>
          To: <ntb-html@egroups.com>
          Sent: Monday, November 15, 1999 12:19 PM
          Subject: [NH] members' only area


          >
          >
          > I want to create a 'members' only' page on my website for downloads and
          > special information - to be accessed through a password, individual to
          > (chosen by) the member. How do I do this? I'm writing in HTML4.
          > Thanks in advance!
          > Chris
          >
          >
          > ------------------------------------------------------------------------
          > Looking for the latest consumer electronic gadgets or computer
          > equipment? eBay has thousands of audio equipment, computer
          > games & accessories. You never know what you might find at eBay!
          > http://clickhere.egroups.com/click/1142
          >
          > -- Easily schedule meetings and events using the group calendar!
          > -- http://www.egroups.com/cal?listname=ntb-html&m=1
          >
          >
          >
        • Bill Scott
          Hi Chris: I used a cgi script called access denied ... your ISP must be able to run cgi scripts you can see it in action by clicking on my Online Puppy Link
          Message 4 of 12 , Nov 15, 1999
          • 0 Attachment
            Hi Chris:

            I used a cgi script called access denied ... your ISP must be able
            to run cgi scripts
            you can see it in action by clicking on my Online Puppy Link below
            then click on
            the articles link .....

            ........ it was easy to install if you have worked with cgi
            scripts and are a wee bit familiar with Unix conventions ...
            It is free for the down loading just go to solutionscripts.com and
            download and install it ... comes with directions ...
            # Access Denied version 1.1
            #
            # Created by: Solution Scripts
            # Email: solutions@...
            # Web: http://solutionscripts.com


            Happy Stockdoggin......

            Bill *||:>)

            Border Collies N Stuff

            http://www.stockdogsaction.com/OTHER/index.html

            Online Puppy Tutorial

            http://www.stockdogsaction.com/OTHER/puppies.htm
          • Jody
            Hi Grey, ... That is good for just regular stuff that you only want to keep the average user away from, but has to used on the first level. Look at these for
            Message 5 of 12 , Nov 15, 1999
            • 0 Attachment
              Hi Grey,

              > ...just give the name of the page to those who are allowed on
              > it. i.e. wanttoknow.com/secrets.html

              That is good for just regular stuff that you only want to keep
              the average user away from, but has to used on the first level.
              Look at these for instance:

              http://www.sureword.com/album/albums/
              http://www.sureword.com/album/albimg/

              Joe Barta's GateKeeper is a little harder to get into and he said
              nobody ever has told him they could get in. He says it can be
              done though.

              You need to go cgi or the like for good security.

              Happy HTML'n!
              Jody

              http://www.sureword.com/notetab

              The NoteTab and Html List...
              mailto:Ntb-html-Subscribe@...
              mailto:Ntb-html-UnSubscribe@...
            • Larry Thomas
              Hi Kate, ... This does have one problem. I have found on occassion when I am surfing a web site that i can click on my URL box in Netscape and start deleting
              Message 6 of 12 , Nov 15, 1999
              • 0 Attachment
                Hi Kate,

                At 07:11 PM 11/15/1999 -0500, you wrote:
                >While you can get java apps which will let you password a web page, an
                >easier solution is to just give the name of the page to those who are
                >allowed on it. i.e. wanttoknow.com/secrets.html
                >
                >With this, regular surfers will just go to wanttoknow.com and only your
                >chosen ones will know to type in the extra page name!

                This does have one problem. I have found on occassion when I am surfing a
                web site that i can click on my URL box in Netscape and start deleting
                sections of the name back to sucessive slashes. Then press enter. Then I
                get a directory listing for the server site which will list like an
                explorer directory. When this happens, I can go to any html page listed in
                that on line folder including wanttoknow.com/secrets.html. This is not
                true of all sites but it does happen and you should check out your server
                before doing this.

                Regards,

                Larry
                larryt@...
              • chrispye@woodcarver.force9.co.uk
                Hi Thanks everyone for their suggestions - boy you re quick! - gives me some avenues to explore. I ll post the solution I end up with. Chris ...
                Message 7 of 12 , Nov 16, 1999
                • 0 Attachment
                  Hi
                  Thanks everyone for their suggestions - boy you're quick! - gives me
                  some avenues to explore. I'll post the solution I end up with.
                  Chris

                  ---------------------------
                  www.chrispye-woodcarving.com
                  Dedicated to the teaching, learning, and love of woodcarving
                • Mark Pulver
                  ... This depends on the server configuration... If this happens on your hosting service, then it s a huge security hole. You should bring it up to your site
                  Message 8 of 12 , Nov 16, 1999
                  • 0 Attachment
                    Larry Thomas (09:05 PM 11/15/1999) wrote:

                    >This does have one problem. I have found on occassion when I am surfing a
                    >web site that i can click on my URL box in Netscape and start deleting
                    >sections of the name back to sucessive slashes. Then press enter. Then I
                    >get a directory listing for the server site which will list like an
                    >explorer directory. When this happens, I can go to any html page listed in
                    >that on line folder including wanttoknow.com/secrets.html. This is not
                    >true of all sites but it does happen and you should check out your server
                    >before doing this.

                    This depends on the server configuration...

                    If this happens on your hosting service, then it's a huge security hole.
                    You should bring it up to your site admin or tech support folks and have
                    them configure the server to not allow directory browsing.


                    Mark

                    __________________________________________________
                    Check out the Waldorf Q: http://www.midiwall.com/q
                  • Jody
                    Hi Mark, ... I just had them turn it on for me *on* mine, but not allow to get to my parent folder. Happy HTML n! Jody http://www.sureword.com/notetab The
                    Message 9 of 12 , Nov 16, 1999
                    • 0 Attachment
                      Hi Mark,

                      >> This is not true of all sites but it does happen and you
                      >> should check out your server before doing this.
                      >
                      > This depends on the server configuration...
                      >
                      > If this happens on your hosting service, then it's a huge
                      > security hole. You should bring it up to your site admin or
                      > tech support folks and have them configure the server to not
                      > allow directory browsing.

                      I just had them turn it on for me *on* mine, but not allow to get
                      to my parent folder.

                      Happy HTML'n!
                      Jody

                      http://www.sureword.com/notetab

                      The NoteTab and Html List...
                      mailto:Ntb-html-Subscribe@...
                      mailto:Ntb-html-UnSubscribe@...
                    • Mark Pulver
                      Jody (10:16 AM 11/16/1999) wrote: Hi Jody! ... YIKES! :) Well, the problem with it Jody is that while it can be seen as a convenience when you just wanna drop
                      Message 10 of 12 , Nov 16, 1999
                      • 0 Attachment
                        Jody (10:16 AM 11/16/1999) wrote:

                        Hi Jody!

                        >>> This is not true of all sites but it does happen and you
                        >>> should check out your server before doing this.
                        >>
                        >> This depends on the server configuration...
                        >>
                        >> If this happens on your hosting service, then it's a huge
                        >> security hole. You should bring it up to your site admin or
                        >> tech support folks and have them configure the server to not
                        >> allow directory browsing.
                        >
                        >I just had them turn it on for me *on* mine, but not allow to get
                        >to my parent folder.

                        YIKES! :)

                        Well, the problem with it Jody is that while it can be seen as a
                        convenience when you just wanna drop files into a folder and point someone
                        to the subdir, it's easy to forget that it's there.

                        I have a lot of nooks and crannies on my site that I really don't want
                        people in. Things like SQL admin pages, the source code for my search
                        engine, index files and archives for things, SQL table dumps, source for an
                        NNTP ripper, etc.

                        Remember also that depending on the rest of the server config, it may be
                        sensitive to finding "index" (or "default") .html, .htm, .shtml, .htd,
                        .htdl and others in a directory. This can become a can of worms if someone
                        wanders into a directory.

                        Once you allow someone to walk around your site, you're opening doors for
                        people to find things that they may think they want. If they even _think_
                        they want it, they will get it.


                        Be careful out there... :)

                        Mark
                      • Jody
                        Hi Mark, ... I understand all that, but *for me* everything I have on my site I have it there for people to get - I don t put anything on the web - even under
                        Message 11 of 12 , Nov 16, 1999
                        • 0 Attachment
                          Hi Mark,

                          >> I just had them turn it on for me *on* mine, but not allow to
                          >> get to my parent folder.
                          >
                          > YIKES! :)

                          > Once you allow someone to walk around your site, you're opening
                          > doors for people to find things that they may think they want.
                          > If they even _think_ they want it, they will get it.
                          >
                          >
                          > Be careful out there... :)

                          I understand all that, but *for me* everything I have on my site
                          I have it there for people to get - I don't put anything on the
                          web - even under a password protected area - that I would not
                          want them to have. (Not that I have one - use to use Gatekeeper
                          for fun, but took it down.)

                          Happy HTML'n!
                          Jody

                          http://www.sureword.com/notetab

                          The NoteTab and Html List...
                          mailto:Ntb-html-Subscribe@...
                          mailto:Ntb-html-UnSubscribe@...
                        • Marco Bernardini
                          ... Remember also to add to your root directory the file robots.txt to disallow private directories: if you write the file secrets.html I guess you don t
                          Message 12 of 12 , Nov 17, 1999
                          • 0 Attachment
                            >From: chrispye@...
                            >Subject: [NH] members' only area
                            >I want to create a 'members' only' page on my website

                            >From: "Grey Cat" <greycat@...>
                            >easier solution is to just give the name of the page to those who are
                            >allowed on it. i.e. wanttoknow.com/secrets.html

                            >From: Jody <KJB1611@...>
                            >You need to go cgi or the like for good security.

                            >From: Mark Pulver <mpulver@...>
                            >You should bring it up to your site admin or tech support folks and have
                            >them configure the server to not allow directory browsing.

                            Remember also to add to your root directory the file "robots.txt" to
                            disallow private directories: if you write the file "secrets.html" I guess
                            you don't like a link on AltaVista... even if the file is password protected.

                            To avoid directory browsing it's enough to put into it an index.html file
                            pointing elsewhere with a META redirection. BTW, the file "default.htm" is
                            a standard only on NT servers...

                            If your provider use Apache you can do a lot of interesting things with a
                            directory: for example, you can hide some files from browsing, leaving
                            visible other files.

                            I suggest you to download Apache server (it runs even on Win95!).
                            You can run it locally at the address http://localhost (there is a way to
                            add local web addressess, but it's out of topic here) and you can
                            experience everything you need *before* to put online your stuff, even CGI,
                            counters and so on.
                            I use it to "teach Internet" without the need of a modem.

                            Another solution can be a FileMaker 4.x server: the database can track
                            users and passwords, giving a very personal access to visitors, and there
                            is no need of CGI. Moreover, the same file can be used on Win and Mac.

                            Hope this helps!

                            Bye

                            Marco Bernardini
                            webmaster at
                            http://www.taggiasca.com
                            unofficial personal page:
                            http://marco.giorgiobernardini.com
                          Your message has been successfully submitted and would be delivered to recipients shortly.