SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Enthusiast
    Join Date
    Jul 2002
    Posts
    95
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Program for hiding or protecting files on the server

    Is there a program or a way that I can hide a file on the server or to password protect it?

    Cause I want to make an external JavaScript file that handles password login. So if I include it in the HTML file, anyone can view the source and find the password. If JavaScript is an external file, anyone can download it and then view the password.

    So... can I protect this file from users?

    I know there are more sophisticated ways to do it, but I still want to know this.

    Thanks!

  2. #2
    Blissed off
    Join Date
    Feb 2001
    Posts
    422
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Put the file you want in a folder.

    Password protect that folder using .htaccess.

  3. #3
    Super Ninja Monkey Travis's Avatar
    Join Date
    Dec 2001
    Location
    Sioux City, Iowa
    Posts
    691
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Wouldn't the user's browser cache that file when it accessed it? If it did get cached then they could just find it on their computer.
    Travis Watkins - Hyperactive Coder
    My Blog: Realist Anew
    Projects: Alacarte - Gnome Menu Editor

  4. #4
    Grumpy Mole Man Skunk's Avatar
    Join Date
    Jan 2001
    Location
    Lawrence, Kansas
    Posts
    2,066
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Program for hiding or protecting files on the server

    Originally posted by Rok
    Cause I want to make an external JavaScript file that handles password login. So if I include it in the HTML file, anyone can view the source and find the password. If JavaScript is an external file, anyone can download it and then view the password.

    So... can I protect this file from users?
    No. If a browser can read the file (which it has to do in order to execute the javascript inside it) then a user can view the file as well, with view source or by checking their browser cache or even by "faking" being a browser and tricking your server in to handing the file over.

    If you want to secure an area of your site javascript is not the solution - you need a server side technology. As wert said, if you are running apache you can use a .htaccess file to password protect a directory of your site. Alternatively you could look in to a more complicated solution involving a server side language such as PHP, ASP or Perl.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •