Is it possible to set up a page so only users that have a vailid ID and PASS can enter (I'm almost sure its possible)? If it is, can someone please tell me how?


http://www.thefinalhaven.com

You can secure a directory so that access will require a userid and password. then put your page in that directory. tutorial here:

http://help.powweb.com/tutorials/htaccess/passprotect.php

Disreguard this, I fixed the problem.

Originally posted by B&T
You can secure a directory so that access will require a userid and password. then put your page in that directory. tutorial here:

http://help.powweb.com/tutorials/htaccess/passprotect.php

Thanks muchly for the message, I was wondering how to do that. The encryption page you referenced sure generated a strange series of characters, but I assume PW will correctly recognize them.

Just wondering -- how easy would it be to DECRYPT those codes...? Not that I have anything to hide anyway, but curiosity is piqued. Only reason I want to keep SOME folks out of SOME pages is that they may have projects in progress that I want beta testers to look over or the like.

It's hard to decrypt the password - as it's a one-way hash function, but the password file is not readable by http if you do it right - put it in a folder outside htdocs (such as in your top-level ftp folder.)

When I went to use that, it had a different encription each time...I thought I might be doing something wrong until I used one of them and it let me in.

That's right - it uses a different "salt" for the hash each time, making it harder to recover a valid password. But it does still work.