Topic: authenticating users on website - PLEASE HELP

[Gregori]

I have set up SMEServer 5.0 and it's working great, but I have the need to restrict certain areas of the website to specific users, and I'm not sure how to do this. Can I just follow documentation on apache.org? or is there an easier way to add/remove users and set permissions? Any help or advice would be greatly appreciated!!!

peace -- gregori

[guestHH]

Hi,

Well that's what I call an OPEN question

1. We don't know how you made your website
2. We don't know which 'frame-work' you use
3. We don't know anything at all about your site...

so, we don't know the answer

Regards
guestHH

[Gregori]

thanks for your reply - I'm just trying to figure out how I can password protect a subfolder of my website.  For instance, let's say I have a site publically viewable, and I have a subfolder called 'private', is there a an easy way to manage users so that I can create a few profiles that have access (via username and password) to the 'private' folder???

Since I posted this question I figured out that the SMEServer runs apache to serve the pages.  So I've been reading up on apache documentation concerning this issue.  But everything it tells me to do (use htpasswd to create a password file, and use .htaccess files to set "require [user]" dont seem to be having any affect.  I thought this might be because I am trying to access from an IP address considered on the LAN with the webserver, so I will try tonight accessing it from home.

I'd just like any information that anyone has relating to this!  Please let me know if I am barking up the wrong tree, or if not, some clues / places to enlighten myself on authenticating users to private areas of my website.

Just to make sure you're questions are answered:

1) I made my website with notepad, all simple standard html files
2) not sure what you mean by 'frame-work'...please let me know
3) hopefully you know what I'm talking about from the above paragraphs

Thanks again for any help!  - Gregori

[trevorb]

Try Darrell May's Howto @
http://myezserver.com/downloads/mitel/howto/website-access-security-howto.html

Trevor B

Gregori wrote:
>
>
> I have set up SMEServer 5.0 and it's working great, but I
> have the need to restrict certain areas of the website to
> specific users, and I'm not sure how to do this. Can I just
> follow documentation on apache.org? or is there an easier way
> to add/remove users and set permissions? Any help or advice
> would be greatly appreciated!!!
>
> peace -- gregori

[Robert Boerner]

You don't need to hack the files on the server to do this. Read the e-smith manual and check the section about creating ibays. You can have your primary website up and running from the primary folder, and then put restricted content in another ibay, but have that ibay restricted by a name and a password. I know several people who are doing just that. Htaccess files are a bad idea, and they have been disabled in e-smith. That is why they don't work. Again, check the manual.

[Gregori]

Thanks for the tip, I got i-bays working.  Only problem is that I'd like to have multiple user/pass combinations for the same directory as well as a username that is not the same as the i-bay name.  And I'd also like to have certain subdirectories of the i-bay protected to certain users...I-bays dont seem to offer that flexibility!!!

So, should I be asking how to enable .htaccess files???