Can anyone tell me how to password protect part of a web site using Freeway Pro 5.4.3. Ideally, users would click on a link to a web page but before going to that page, they would be asked to provide a password.
Kind Regards,
Mike Rancka
MacPro Solutions
8026A West Broad St.
Richmond, VA 23294
804-497-8710
705 W. Main St.
Charlottesville, VA 22903
434-806-0793
The most common way is call your ISP and have them setup a WebDAV (username & password) folder within a website for you.
Some website hosting plans have a control panel that lets you do this yourself.
Dale Josephson
Dale Josephson Consulting
Apple Developer & Support
(530) 241-8227
email@hidden
On Jun 28, 2011, at Tuesday12:26 PM, Mike Rancka wrote:
Hello,
Can anyone tell me how to password protect part of a web site using Freeway Pro 5.4.3. Ideally, users would click on a link to a web page but before going to that page, they would be asked to provide a password.
Kind Regards,
Mike Rancka
MacPro Solutions
8026A West Broad St.
Richmond, VA 23294
804-497-8710
705 W. Main St.
Charlottesville, VA 22903
434-806-0793
If you create a sub folder within your FW site and upload to your server then you can Password Protect that sub folder through your Hosting Control Panel.
That way any pages yopu create within that folder will be password protected.
However if you are using just one Freeway file for your site some important resources required for your unprotected pages may be placed in the protected area. This would mean ‘normal’ visitors’ could be prompted to enter a password several times over.
I’ve found it’s best to manage such a site with two Freeway files - one for the unprotected pages and another for the protected ones.
A bit more about this. Freeway uploads using FTP or SFTP, depending on
how your server is configured. You use a username and password that
grants you permission for this operation, so that’s one kind of
security.
“Secured” folders on the Web are using a technique known as Apache
Realms, usually using Basic Authentication as the password handshake
method. This is something that relates to Web users , who are by and
large anonymous and untrusted.
The Web is designed around permitting everyone to view everything. But
in cases where the server has instructions to only permit certain
users into a particular area, a request for any file/folder within
that protected area will first send a challenge back to the browser.
If the user enters the correct credentials, a session is started
between the browser and the server, and then the requested asset is
returned to the browser. Each subsequent request within that same area
by that same browser will also be honored, since the session is still
alive. Close your browser (Windows or Chrome on either platform) or
quit your browser (Mac) or wait a really long time without changing
pages (any) and the session dies and a new request will demand re-
authorization.
So to sum up, a person who has a Basic Authentication user/password to
your Web site does not have the same kind of permissions that Freeway
does (when using your S/FTP credentials) and the two are not
interchangeable at all. Authorized Web users won’t be able to upload
to your server and change your site. If your hosting provider secures
a folder for you using Apache Realms, you won’t be able to log into it
through the Web using your FTP password either – the two sets of
passwords are stored in completely different and unconnected ways.