Password protect with Godaddy.com?

[DanielaQ]

I can find the password protection option in my hosting manager.

There?s another simple way to protect the access to my admin.

 

Thanks

 

Daniela

[Wendy James]

There are several contributions you could install. Look through these to see if there is something that could work for you

http://www.oscommerce.com/community?contri...in&category=all

 

otherwise you will need to create an htaccess and htpasswd file.

[osmyrna]

I can find the password protection option in my hosting manager.

There?s another simple way to protect the access to my admin.

 

Thanks

 

Daniela

 

WHERE can you find this option in GoDaddy's hosting manager???

I've looked, and I can't find anything.

osmyrna

[shayrgob]

WHERE can you find this option in GoDaddy's hosting manager???

I've looked, and I can't find anything.

osmyrna

 

yeah, I've looked too. I called godaddy and they told me it doesn't exist.

[osmyrna]

Well, I had a thought today, and I'm not an expert on anything so I don't know if it is really silly - BUT it seems to me that if I re-name my admin folder fred via ftp whenever I'm not working on the site, nobody can do anything with anything except on the occasions I re-name it admin and do work. Is there a flaw in my thinking?

Osmyrna

[Daemonj]

Other than that being a major PITA, it will work assuming that your admin/includes/configure.php file's settings are correct.

 

Your life will be easier by changing the admin folder to a different name and establishing a password protection scheme.

 

Well, I had a thought today, and I'm not an expert on anything so I don't know if it is really silly - BUT it seems to me that if I re-name my admin folder fred via ftp whenever I'm not working on the site, nobody can do anything with anything except on the occasions I re-name it admin and do work. Is there a flaw in my thinking?

Osmyrna

[Daemonj]

In answer to password protecting with GoDaddy, please see this topic.

[osmyrna]

In answer to password protecting with GoDaddy, please see this topic.

 

This has been a topic of great discussion which I followed a couple months ago. I did everything as advised and got the .htaccess files etc. all done and on my site, with the result that I was prompted constantly for password but could finally get rid of the prompt by just clicking on cancel repeatedly. I read a lot about other people having this problem and various glitches about the protection not really being there. I finally just had to remove all the .htaccess stuff I had put into the site so I could get anything done. I have not seen anything that is said to work properly on godaddy - even godaddy says it won't work, in their help column, although they say it is possible to do something with perl that would work. I downloaded something that is supposed to work but don't have the vaguest idea how to accomplish it and don't want to just mess everything up again. Unfortunately, at this point, it just seems one heck of a lot easier to re-name the admin folder fred whenever I'm not working with it and get on with creating the rest of it rather than continuing to obsess on something that's way over my head.

Thanks.

osmyrna

[jhilgeman]

I can find the password protection option in my hosting manager.

There?s another simple way to protect the access to my admin.

 

Thanks

 

Daniela

 

I'm a little late on the response, but I just had a client who decided to host with GoDaddy and I ran into the same trouble. It was a little more complicated since he was updating the pages with a WYSIWYG editor and they were plain HTML pages.

 

So I ended up creating a simple system that worked. I first created the .htaccess file in the web root and added the following line:

AddHandler x-httpd-php .html

 

That makes the PHP engine run all files that end with the .html extension. Then I created a PHP file called php_authentication.php that looks like this:

 

<?

$ValidLogins = array();

$ValidLogins["admin"] = "password";

 

$SecuredAreas = array();

$SecuredAreas[] = "/securearea1.html";

$SecuredAreas[] = "/securearea1.html";

$SecuredAreas[] = "/otherdir/secured.html";

 

$BaseURL = substr($_SERVER["SCRIPT_FILENAME"],0,(strlen($_SERVER["SCRIPT_FILENAME"]) - strlen($_SERVER["PATH_INFO"])));

 

$IsSecuredArea = false;

foreach($SecuredAreas as $SecuredArea)

{

if($_SERVER["PATH_INFO"] == trim($SecuredArea))

{

$IsSecuredArea = true;

break;

}

}

 

if($IsSecuredArea)

{

// By default, we are NOT authenticated!

$AuthenticationSuccessful = false;

 

// Do we have an attempt?

if(IsSet($_SERVER["PHP_AUTH_USER"]))

{

// Is it a valid user?

if(IsSet($ValidLogins[$_SERVER["PHP_AUTH_USER"]]))

{

// Is it a valid password for that user?

if($ValidLogins[$_SERVER["PHP_AUTH_USER"]] == $_SERVER["PHP_AUTH_PW"])

{

$AuthenticationSuccessful = true;

}

}

}

 

if(!$AuthenticationSuccessful)

{

auth_user();

}

}

 

function auth_user()

{

global $BaseURL;

header('WWW-Authenticate: Basic realm="Secured Area"');

header('HTTP/1.0 401 Unauthorized');

die("Failed authorization");

}

?>

 

Now, I COULD'VE just include-d this file at the top of every HTML page. But GoDaddy gives you access to the php.ini file for your account, so I just opened up that sucker and added the full path to that script in the auto_prepend_file variable so it looked like this:

 

auto_prepend_file = /home/content/myclient/html/php_authentication.php

 

And presto, I got HTTP authentication working perfectly.

[Jack_mcs]

yeah, I've looked too. I called godaddy and they told me it doesn't exist.

That's not true, at least on their Linux servers, since I have used it before. If you are on the Windows server, it might be the case. Just ask them to move your site to the Linux server.

 

Jack