PHP directory protection..

Ok so this is what i wanted to do..

i have a proxy and hosting etc..but my ISP very easily blocks them..because most of them are named proxy etc etc..atleast its there in the domain..

i choose a non proxy termed domain..

but this is what ia m looking for..that the default home page is not to be the PHP proxy page( i want to use eiher php proxy script or the Zelune script)

i want the default page to be a general page..and then the actual browsing page be protected by a password..a Database..so that the ISP wont be able to see the proxy page..

i heard about php guard dog..to protect directories..but i think its dead now..

any good suggestions?any script...paid or free..let me know i fu know some good one...

 

See if this is of any help

http://sourceforge.net/projects/auth/


I have a site with basic auhtentication that gets included at the top of every PHP file. When a page is visited this included file checks for a session and if one is there it allows access, if not, displays the login form. I will dig it up.


Here is the code I based mine from.

http://www.geekinvasion.com/AccessControlSystem.zip

 

hmm how good is the default .htaaccess method of authenticating?

can it be hacked easily?

 

The default method works well enough for most sites.

Broadly speaking, I do not think it can be hacked other than trying to guess a user name and password combination and/or trying to sniff packets. Please note, the user name and password are transmitted in plain text. This takes place whenever a new page is requested because Apache "does not remember any information about a request once it has finished."

On secure pages, the credentials should be sent encrypted -- https pages.

If you are using a PHP logon scheme, you can build in encryption schemes so as to make it very hard to crack passwords.

For a full discussion of Apache's authentication go to Apache Week

 

Well they wouldnt use it so much if it was hackable would they? .

Anyway, it may become a pain if you have to use many usernames/passwords. Then you may be better off using a PHP/MySQL based authentication system. Its even possible to mimic .htaccess behaviour using PHP and then verify the username/password with a backend database.

See these :

http://in2.php.net/features.http-auth
http://www.php-mysql-tutorial.com/user-authentication/basic-authentication.php
http://www.cascade.org.uk/software/php/auth/index.php

Well, hope that was helpful.

~
coderlinks

 

thanks everyone..but i am looking for a ready made type of script..php preferably..and backend Mysql...

so that there is a system that users can sign up with..or i can create users..

anyone knows any good script like that?