FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Restricting access to a website
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Restricting access to a website [message #174863 is a reply to message #174858] Wed, 13 July 2011 23:17 Go to previous messageGo to previous message
The Natural Philosoph is currently offline  The Natural Philosoph
Messages: 993
Registered: September 2010
Karma:
Senior Member
Luuk wrote:
> On 13-07-2011 21:43, The Natural Philosopher wrote:
>> Luuk wrote:
>>> On 12-07-2011 02:38, Jerry Stuckle wrote:
>>>> On 7/11/2011 7:24 PM, Chuck Anderson wrote:
>>>> > Jerry Stuckle wrote:
>>>> >> On 7/11/2011 4:08 PM, Graham Hobbs wrote:
>>>> >>> On Sun, 10 Jul 2011 22:21:41 -0400, Jerry Stuckle
>>>> >>> <jstucklex(at)attglobal(dot)net> wrote:
>>>> >>>
>>>> >>>> On 7/10/2011 10:01 PM, Graham Hobbs wrote:
>>>> >>>>> Hello,
>>>> >>>>>
>>>> >>>>> I 'very laboriously' coded my index.php (close to novice level),
>>>> >>>>> for
>>>> >>>>> my website and it is up and running. It's not public yet and
>>>> >>>>> needs to
>>>> >>>>> stay that way. I need to give the address to two people who will
>>>> >>>>> help
>>>> >>>>> with my product's development .. but they could reveal the address
>>>> >>>>> anywhere, inadvertently or otherwise.
>>>> >>>>>
>>>> >>>>> If, for example, my website is www .lahdedah. com, I want to allow
>>>> >>>>> full access to these two people (and me:-)) .. others would get a
>>>> >>>>> 'Sorry, not yet available' screen. I envision hard coding their
>>>> >>>>> home
>>>> >>>>> address's into my index.php?? Am not interested in any additional
>>>> >>>>> typing by these three.
>>>> >>>>>
>>>> >>>>> Hope I've been clear. Is this feasible, easy/hard/unusual?
>>>> >>>>> Please, thanks
>>>> >>>>> Graham
>>>> >>>> There are any number of ways to do it, none of which require PHP or
>>>> >>>> any
>>>> >>>> other server-side language. Try alt.apache.configuration
>>>> >>>> (assuming, of
>>>> >>>> course, you're using Apache).
>>>> >>>>
>>>> >>>> Also, unless you are David Small of Small Expressions, you
>>>> >>>> shouldn't be
>>>> >>>> using his domain name in an example. Use www.example.com, which is
>>>> >>>> reserved for just such a purpose.
>>>> >>> ---
>>>> >>> Jerry, folks, thanks,
>>>> >>>
>>>> >>> Will check into alt.apache.configuration and apologies about
>>>> >>> lahdedah,
>>>> >>> didn't know about example.com.
>>>> >>>
>>>> >>> But I wasn't emphatic enough .. yes I would know their IP
>>>> >>> addresses so
>>>> >>> CAN I hard code them in my index.php? Yes or no would do and a PHP
>>>> >>> buzzword I might search on to get started .. I just prefer all my
>>>> >>> code
>>>> >>> in one place.
>>>> >>>
>>>> >>> .. am definitely not interested in extra keying of passwords by my
>>>> >>> two
>>>> >>> associates.
>>>> >>>
>>>> >>> Thanks,
>>>> >>> Graham
>>>> >> You definitely need alt.apache.configuration. No need to do anything
>>>> >> to your php code.
>>>> >>
>>>> > If you know the IP addrs - simply compare them to the Php global
>>>> > $SERVER['REMOTE_ADDR'].
>>>> >
>>>> >
>>>> No need to even go to that trouble. It can all be done in the Apache
>>>> configuration with no changes to the web pages at all.
>>>>
>>> Jerry,
>>> Can you explain the REAL benefits of doing this in apache,
>>> despite the fact that this is a PHP-newsgroup?,
>>>
>> Never heard of jerry explaining anything.
>>
>>> And the real drawbacks from changing a bit to his own php-code just for
>>> this case?
>>>
>>> I simply dont understand why sending him away to
>>> alt.apache.configuration is better ....
>>>
>> No, its just Jerry being dumb and stubborn as usual.
>>
>> On the basis that te OP wants to play in the PHP sandpit and not the
>> Apache sandpit the optimal and more than adequate solution is to use the
>> pre-loaded variables to examine the browser remote IP address and
>> display page material contingent on that.
>>
>> Its a far more powerful and flexible way, and is the sort of thing you
>> might use to say 'Vous etes en France, Pour la version en Anglais, ici->'
>>
>> (You could aslo reconfigure your firewall to only allow physical IP
>> access from them:Sledgehammers and nuts)
>>
>>
>> As opposed to 'enter name and password to see my crap test website'
>>
>> You have to do the latter of your victims are on dynamic addresses though.
>>
>>>
>
> I understand that,
> and indeed, in this case PHP should do well,
>
> When i was a employee of a firewall-selling-company, i would probably
> reconfigure my (hardware-)firewall ;)
>
> And, last (but not least), when i did not know enough about PHP, i would
> add some rules to my apache-config.....
>

Ive done all the options in various places.

One thing that has become standard is to include on a site of related
pages a standard file that - usually - does things like user
authentication and drawing menu buttons and suchlike

If that is common to all pages, it solves the problem of having to patch
many to ensure authentication across a whole site.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: how to implement AJAX to html
Next Topic: sending email
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 15:35:37 GMT 2024

Total time taken to generate the page: 0.04236 seconds