Ive seen a few examples of how to password protect my pages by either textfiles / access. But how can I make the pages so that no one can just enter the url and bypass the login page.
Im trying to create a shop site and im trying to create a maintenance page that only I have access to so that I can look at my database status without having to open the database directly. I need these pages to be completley locked from anyone but me.
I am using ms access database and asp 3.0 as my front end. In my database there is a table called account and a field called password. How do I protect the password stored in the database.
I've created a database for a group of about 5 people that I password protected. They all use the same user name and pass to access the website. I've used a session variable that is set to "valid" if the user and pass are correct. When the click the sign out link on any page, I use the Code:
I am developing a small e-commerce site that allows users to create an account, pay, and then download audio files.I have only been doing ASP for about 6 months and this is a new problem for me: I need to not only password protect the pages (using Sessions and checking usernames and passwords against an Access database), but I also need to password protect the audio files themselves, so that users can't just type in the absolute URL to the audio files and get them for free.
I'm guessing password protecting the entire folder that contains the pages and audio files would be the best way to go, but I have no idea how to do this, and haven't been able to find any info on it.the site is part of a larger already existing site which is on a Shared Windows hosting account, so I have no root-level access to install any new software or technologies.
How can I password protect files so that no one can anonymously download it? I have windows 2003 server with IIS 6.0. Please explain the steps in detail.
I need to password protect all the pages of my website using ASP. Microsoft KB 301464 http://support.microsoft.com/default.aspx?scid=KB;EN-US;q301464&ID=KB;EN-US;q301464&SD=MSDN
provides a simple way of implementing it. But I am getting the following error in the Logon.asp script and dont know how to get past it. The Script block lacks the close of script tag (%>). /PDACPO1/Logon.asp, line 45.
I have a client who wants to password protect a learning course that is set up in modules. Each module needs to have it's own password protection so users can only access them as they progress through the course.
Each user should have their own password (for each module) and, said client would like the password to expire for the user at some (predetermined?) point. Is this possible? It seems like a lot (in terms of setup), but I don't know much about password stuff.
If it is possible, can someone give me an overview of how it works (theoretically) or where to find more specific info on setting something like this up (in ASP.net)
If it isn't possible, can someone suggest what is more reasonable in terms of protecting the modules?
i have an ecommerce site that is split across two domains, a secure space that retains cc details and the main site where contact information and order details are held. I need to be able to produce a report that displays both sets of info in a printable document. aside from using iframes is there a better way of doing this?
I created sessions to authenticate username and password. How can I utilize this same script to alert the user to change password at 3rd login? In other words when a user logs into a site after the 3 or 4th time which ever, they are prompted to change their password. Code:
I did write some asp code, that I sell to companies, to control several dbases. Because I sell the code, it's not that they own the code and can sell it further or change the code, or add some extra code to it. It's like I'm selling a program like Excel and that they can use the program, not change it. I'm still the rightful and intellectual owner.
Also, if you give the raw asp-code, then there is a possibility that they change to code a bit for there internal usage only. But if I sell an update, then they have to search and copy/past there old code in the new page, not knowing, that everything will work eventually.
It would be a lot nicer and easer if I can deliver some protected code that they can't change! This will make my live a lot easer regarding updates. And I will sleep better because they can't see the raw asp code, copy/past/change and sell it or worse, going to competitors. Code:
Is their anyway I can protect my asp code from being copied. I have created a number of include files that are quite useful and save a lot of time.
I am hoping that if another developer is enlisted to work on a project i have worked on previously, I can protect all my hard work from being plagerised.
I have writen a few scripts that I'm allowing some poeple I know to use but I don't what them to be able to view the code, is there anyway of stoping them like compiling the code into a DLL or something?
I've built an upload system but i now need to protect the files from being downloaded without being logged into the site.What's the best scenario to implement.I'm using an access database for the site.
Here's what i have done so far.Once a file link (just the id not the file name) is clicked it will check that there's a session variable present then it will present the user with the actual file but i'm now guessing is this the best way to go.
I am building a site that will have a number of images on it, at the moment I have the images in a Dir on the site and the paths stored in database.I want the make it as hard as I can for people to download the Images that are stored on the as some will probably be copyrighted, etc. I know watermarking the images is probably the only real way of protecting them, but I was hoping not to have to do this.
I plan to put a transparent gif in front of the images so right clicking don't work, is there anything I can do to protect the paths that will appear in the source downloaded to the browser?
Imagine you could encrypt your asp pages and then using a dll run the pages as normal do you think there would be a market for it. Obviously the dll would need to be registered on the server, but once registered you never need to register it again, if the asp page changes then just re-encrypt it.
One advantage I could see for it is db connections or when writing scripts for other companies but want to protect some of the routines you might have written. But what do you think.
I am after a solution to people both linking to my images and putting the paths into their browsers manually (when they know the format, after viewing the site normally). The reason is that the site has banners, and the only way I can keep it up (afford the hosting) is by successfully serving a banner along with the image requested.
I know xoom and those sort of hosting places have this technology. so it exists, and I'm sure many of you know what I'm talking about. My site will be wholly written in ASP, so hopefully there is an ASP solution. It will also use a mysql db (if that info is of any use).
This is extremely important. If I can't find a workable solution, the new site will never be launched.
I've finally written an asp app that is worthy of resale and would like to hear from you who have done the same. What is the best way to protect my application? I would like to stay away from anything that has to be registered on the server as most of my target audience will not have physical access to their web servers. They will just upload the code to their server and set directory permissions for the database.
I 've purchased asp scripts myself in the past and had to provide a domain name where it would be running. It would not run on any other domain but the one I provided. Is this a practical approach or is there a better way? How is it done? I've also seen posts about putting some of the vb code into an activeX dll. Is this a solid solution? Again, How is this done?
I have a site with restrict access where people can download documents in pdf format. All documents reside in a folder. My problem is that if the person puts the full path to the document in the browser (ex. www.mysite.com/documents/documentx), he can download the document even not being logged in. What is the best way to create a protected folder that I can access via ASP (with a password) to get the document to the user ?
Is there any way to do it without saving files to a database or having to use windows basic authentication ?
Lets say I have a folder 'members/3/'. in this folder are images. I have a login page that connects to a database to retrieve user info. After login the user is directed to a page that lists the files in the above directory.
Now lets say some other user goes to the directory and types in members/3/image1.jpg he/she will now see the image. How can I stop this without using ntfs permissions.
Is there any way to setup a multiple password page where if user1 logs in it will take him to dir1 and if user2 logs in it will take him to dir2 and so on. Basically, we need a page that checks to see if the user name and password exists and then redirects accordingly.
I've got a site going that has pages protected by a login script. I have a logout button that simply redirects to a session.abandon page. Obviously people can still access the protected pages by hitting the back button on the browser (although they cannot go to any of the other pages by using the buttons on those pages).
Is there a way to protect the pages so that the user can't return to a page by using the back button? Or somehow force one of those "page expired" conditions so that a passerby couldn't snoop confidential information?
I want to install asp and access on a server, is there way to password protect asp pages from being accessed directly?. I don't mean via web.But being accessed from the server directly?
Is there way to ensure that the asp pages works on the computer/server it has been installed on and not for any other comp?
So if some new admin tried to copy those asp pages to another computer,they would not work.
If I create a simple login page and then store the UserId is a session and check its validity in the subsequent pages, How secure will the site be. I know the same question has been asked in the PHP forum
Code: http://www.sitepoint.com/forums/showthread.php?t=233118 But how can I make my site secure enough in asp
I may be in over my head on this one... VERY new to ASP. I have a potential client which is a marine loan broker. He wants an online credit application for the boat dealers he works with (20 different ones). He wants the credit app to be co-branded. Dealer/LoanCompany logos at the top would be sufficent. The dealer would have a link on there own site to the loan company's site but wants it to look like they are "Partners" and not just being shullde from one site to the next.
Is there a way to display different dealer logos based on the referrer URL? I would rather have one creditapp.asp that displays the proper logos depending on the referrer over building 20 creditapp.asp's. He doesn't need the form data written to a database. He just wants the form data emailed to him. (this I can do) How secure is that emailed data?
Right now, I'm trying to use WSH to run PSCP (command-line version of PuTTY). I've tested the command I'm using by opening a DOS box manually on the server, and the test file is successfully transferred. I've run Filemon and Regmon while running my sample ASP page, and see no permissions problems. I've tried running cmd.exe and passing PSCP as the parameter.
I've tried running PSCP.exe directly. I've even tried using ASPexec to run it instead of WSH. None of these have worked. I always get the same thing -- error code 0 (success) returned from WSH or ASPexec, but when I look at the second server the file never got there, and when I look at terminal services on the Web server PSCP is still running.
I'd like to create a secure login from an ASP page to a specific SQL Server 2000 Db. Is there an accepted methodology for doing this? Are there any resourses that show how this can be done?
I need to secure my web page, when it is reading a file from the physical folder. Say for eg.. I have a page Page1.aspx, which displays a list of links that corresponds to the available text files in one of the files. All the other pages are secured except this page. So when I click the link, it redirects it to for eg.. http://localhost/folder1/one.txt. But this should not happen. As the user can type this without even logging into the website. So I need to know how to stream this file and display it in another page, rather than just showing it.
Iīve made a loginpage in asp, and a page that receives the data from the form and logs you in. But how do i make the loginpage secure? Do i have to use https, and if so, how do i change from http to https when the loginpage is included in another asp-file?I donīt know if i have explained myself correctly