06-23-2005, 02:29 PM | #1 (permalink) |
Psycho
Location: Sweden - Land of the sodomite damned
|
Password protecting webpages
Ok, so today my father in law (A professor at a university around here) asked me whether I could help him with password protecting some pages containing course material. Only students would be allowed to access these pages, other people would just get some basic info about what these courses contains.
This uni runs windows with IIS, and since I've never worked with that system, where is a good place to start? What I'm asking for is basically a howto on how to protect webpages with IIS. No need for anything fancy (It's not anything top secret), just a simple way to prevent everyone from accessing certain areas of a website. Been looking on google and found some info, but I thought I might check here as well and see if anyone has any nice recommendations.
__________________
If atheism is a religion, then not collecting stamps is a hobby. |
06-24-2005, 04:36 AM | #2 (permalink) |
Addict
Location: Hoosier State
|
Maybe this will help you, I don't have any experience in this.
http://www.troxo.com/products/iispassword/ |
06-24-2005, 04:54 AM | #3 (permalink) |
Professional Loafer
Location: texas
|
Also, if you go into the IIS Administration on the machine, disable Directory Browsing as well. It's just a checkbox you have to put a check into.
That way, someone can't just go to www.insertrandomhitfpaddress.com/files/ and be able to get a listing of the files if you have no index file in there.
__________________
"You hear the one about the fella who died, went to the pearly gates? St. Peter let him in. Sees a guy in a suit making a closing argument. Says, "Who's that?" St. Peter says, "Oh, that's God. Thinks he's Denny Crane." |
06-24-2005, 05:38 AM | #4 (permalink) |
Addict
|
In the IIS administration panel, you need to find the website or virtual host that your father's site runs under.
Within the directory security tab you can set it to not use the default anonymous login which uses the built-in IUSR_machinename login. For basic passwording, set it to use plain text. MS authentication will mean that they need to be on the same domain as the server and given rights to it. If the page is part of a larger site, it would be best to create a virual host under the main site's structure and have it point to a separate directory that holds the pages he wants protecting. Then do the above changes to that v-hosts directory security tab. |
06-27-2005, 10:05 AM | #6 (permalink) | |
I flopped the nutz...
Location: Stratford, CT
|
Quote:
__________________
Until the 20th century, reality was everything humans could touch, smell, see, and hear. Since the initial publication of the charted electromagnetic spectrum, humans have learned that what they can touch, smell, see, and hear is less than one millionth of reality |
|
Tags |
password, protecting, webpages |
|
|