Announcement

Collapse
No announcement yet.

How do I secure my Board?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Scott MacVicar
    replied
    Originally posted by Roody
    so i would create multiple user names and passwords in the .htpasswd directory?
    Basically you want a .htaccess file with the following in it placed in your admin folder.
    Code:
    AuthType Basic
    AuthName "Admin Panel"
    AuthUserFile /path/to/.htpasswd
    require valid-user
    then in your .htpasswd file you have
    Code:
    user1:pass1
    user2:pass2
    user3:pass3
    though if you have cpanel it makes life alot easier.

    Leave a comment:


  • Roody
    replied
    Originally posted by filburt1
    No, multiple lines in one .htpasswd.
    so i would create multiple user names and passwords in the .htpasswd directory?

    Leave a comment:


  • Steve Machol
    replied
    I don't know about the images directory, but you'd certainly want to do this for your admin and mod directories.

    Leave a comment:


  • filburt1
    replied
    Originally posted by Roody
    ok so let me see if i understand you correctly. I need 1 .htaccess file that will work for everyone, but multiple .htpasswd?
    No, multiple lines in one .htpasswd.

    Leave a comment:


  • Guidster
    replied
    Originally posted by Steve Machol
    .htaccess guide
    Thanks for the guide. Just so I am clear, if I want to secure my vb CP, I would want to put one in my admin folder. Likewise for the images folder to prevent someone from linking over to my site. I assume that I will need a username and password specified so that vb can access the files it needs to when the php scripts run??

    Thanks and sorry for being such a bonehead! Just starting this gig!

    Leave a comment:


  • Roody
    replied
    Originally posted by filburt1
    IIRC the generator I wrote only works with one username and password, but if you run it multiple times then download only the .htpasswd file you can copy and paste that u/p line into the original .htpasswd file as a new line which works, too.
    ok so let me see if i understand you correctly. I need 1 .htaccess file that will work for everyone, but multiple .htpasswd?

    Leave a comment:


  • filburt1
    replied
    Originally posted by Roody
    wow man. you rock! nice work as always. tell me this..can one username and password given to several people work or do you need to create multiple username and passwords and if so how do you do that with your generator?
    IIRC the generator I wrote only works with one username and password, but if you run it multiple times then download only the .htpasswd file you can copy and paste that u/p line into the original .htpasswd file as a new line which works, too.

    Leave a comment:


  • Roody
    replied
    Originally posted by filburt1
    http://www.webdesignforums.net/tools/htaccess/
    wow man. you rock! nice work as always. tell me this..can one username and password given to several people work or do you need to create multiple username and passwords and if so how do you do that with your generator?

    Leave a comment:


  • filburt1
    replied
    Originally posted by Roody
    im really not understanding the .htaccess thing. let me ask something.. lets say you had a place on your website that you wanted certain people to access. so you put in the .htaccess in a directory. how do you do it?

    lets say the username was: monkey and the password was: uncle

    can you explain this filburt? I really have never understood .htaccess even after looking at the tutorial.
    http://www.webdesignforums.net/tools/htaccess/

    Leave a comment:


  • Steve Machol
    replied
    .htaccess guide

    Leave a comment:


  • Roody
    replied
    Originally posted by filburt1
    Remember don't allow HTML in sigs and PMs, too. Also .htaccess your admin and mod CP.
    im really not understanding the .htaccess thing. let me ask something.. lets say you had a place on your website that you wanted certain people to access. so you put in the .htaccess in a directory. how do you do it?

    lets say the username was: monkey and the password was: uncle

    can you explain this filburt? I really have never understood .htaccess even after looking at the tutorial.

    Leave a comment:


  • filburt1
    replied
    Originally posted by Grunt
    im kinda interested in this as well..the one thing i do know, is to not allow HTML in posts..what i would be interested in, is: what files/folders should be chmod'd to what values for max security?
    Remember don't allow HTML in sigs and PMs, too. Also .htaccess your admin and mod CP.

    Leave a comment:


  • Guidster
    replied
    Originally posted by Grunt
    im kinda interested in this as well..the one thing i do know, is to not allow HTML in posts..what i would be interested in, is: what files/folders should be chmod'd to what values for max security?
    Exactly!

    Leave a comment:


  • John_770
    replied
    Originally posted by Guidster
    What is the best procedure to ensure that your site is secure from attack? Is there a FAQ or how to guide out there that provides such information?

    Thanks
    im kinda interested in this as well..the one thing i do know, is to not allow HTML in posts..what i would be interested in, is: what files/folders should be chmod'd to what values for max security?

    Leave a comment:


  • Guidster
    started a topic How do I secure my Board?

    How do I secure my Board?

    What is the best procedure to ensure that your site is secure from attack? Is there a FAQ or how to guide out there that provides such information?

    Thanks
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X