2

I am looking at quickly password protecting a website, one folder on a server. I have played around with .htaccess and just realised that it's probably not working because it's likely it's sat on a windows server running PHP. I'am assumming this also means I can't use authenticate in PHP. Does any have any suggestions on a simple proctect I can implement in this scenario ? Thanks.

2 Answers2

1

Basic access authentication is not OS-specific. It's part of the HTTP standard, but the implementation details are webserver specific. .htaccess is how the Apacheweb server implements this (and other features). If you can do other things (like URL rewriting) via .htaccess, then authentication should also work. If not, you have to find out what webserver you're using (probably IIS) and how to configure basic auth there.

Michael Borgwardt
  • 381
  • 1
  • 6
  • Hmm, found out the hosting is with fasthosts - I can get into the panel but they charge for being able to configure basic auth. Is there anything I can do in PHP to achieve the same thing ? –  Aug 18 '10 at 13:35
1

If you're wanting to solve the problem in PHP solely, you could set a 'landing' page that requires a login or just password entry. Set up a cookie to store that information, then have each page check for the cookie. That's the way I would do it if I couldn't change the .htaccess file or wanted a PHP-only solution.

  • Cheers, that sounds like a plan. –  Aug 18 '10 at 13:45
  • 2
    note that this doesn't protect access from non-HTML/PHP files in your folder. You might want to move such files to a folder outside the webroot and forward them via a PHP site protected as Saladin describes it. –  Aug 18 '10 at 13:52
  • @nicolas78 Good point there. I didn't think of non-HTML/PHP content. –  Aug 18 '10 at 14:05