How To Password Protect Web Pages, I Can Protect Directories But Can't Put Pages In
Mar 4, 2007
i did make a big message on here but it deleted when i back spaced
my website is aviation cafe dot net / sample and i need you to help me with password protecting a webpage, i wanted the address to be / the silver sword and definitly not to look like it does now.
how to pwd protect directories with when using no control panel, I am planning to change the login details of the protected directories every few days as well as its top secret data, so I would like to know how to protect directories with pwd, I know how to do using control panel such as cPanel r Plesk but I am having no control panel at this interface
I intend to share the files under this protected directories only to my team, so plz help me with codes if there are any
Sometime you must have gone to a cyber cafe or used public computers to access the internet or mail.
Public computers are most prone to password hacking. Anyone can simply install a keylogger software to hack your password. Keylogging is one of the most insidious threats to a users personal information. Passwords,credit card numbers,etc.
It is very easy for the keylogger to harvest passwords. Each and every keystroke (whatever you type on the keyboard) gets recorded in the keylogger software and the person installing it can easily view what you have typed in.
For example,if you go to hotmail.com and check your mails. Say your ID is aaabbbccc@hotmail.com and password is snoopy2,the keylogger software records your usename and password in its log file as
www.hotmail.comaaabbbccc@hotmail.comsnoopy2
Risky isnt it?
Theres a solution to this problem and you can easily fool the software!!
The keylogger software sees and records everything,but it doesnt understand what it sees,it does not know what to do with keys that are typed anywhere other than the password or user name fields.
So between successive keys of the password if you enter random keys,the keylogger software wont ever come to know where you typed in what..
In the process of recording the keys,the string that the keylogger receives will contain the password,but embedded in so much random junk that discovering it is infeasible.
So...
1. Go to hotmail.com or yahoo.com or any other site where you need to insert a password or PIN.
2. Type in your user ID.
3. Type in the first characterof the password.
4. Click on the address bar in the browser,type in some random charachters.
5. Again go to password field and type in the second character of the password and probably third too.
6. Again go to the address bar and type in a few more random characters.
7. Back to the password field and the next characters of the password.
Keep on repeating the process till you type in the full password in the password field.
Instead of the password snoopy2,the keylogger now gets: www.hotmail.comspqmlainsdgsosdgfsodgfdpuouuyhdg2
Heres a total of 26 random characters have been inserted among the 7 characters of the actual password!
No doubt it takes a little bit of more time than the usual process,but you are safe and secure that way!
I am moving to a new server. At first the [url]version of the site was fine. I had trouble getting [url]working. Once I had the path to the certificate file correct, I was good to go. So, I started moving data. I also ran some updates on the new server (installed mysql, php, related pkgs). I don't know when the [url]pages stopped working, but I didn't realize it until I had everything moved over and tried to go live. The pages are completely blank. If I view source, I get this: ....
Are there any scripts out there that can protect URLs? For an example I am trying to protect a megaupload.com URL with a masking URL and making sure that the masking URL is only access by a referral site. Can this be done?
Last days my site was hacked to the main page has been added the "iframe" tag with path to the virus loading. I don't know how somebody could edit the original page and insert this code to the html body. This time I have updated this page from archive but I would be glad to know how to protect my site in future. Could somebody advice me fast and effective methods?
what is the best way to protect whm and cpanel from unwanted login?
If i change the port they still can sniff, is there away to put another layer to protect it or assigned specific ip to be able to login ? I'm on a dedicate server and only hosting for 1 site so there no customer that i should worry about.
can i change /whm and /cpanel to something else just to hide it form novice users.
Probably a cron file is updating one of my files every night. Then normally the script is not working, script owner is not responding my emails. So any ways to protect the file for being overwritten.
what steps procedures need to be done to keep your database as safe as possible from the hackers. Anyway to be alert when someone got into your db and try to dump, alter your database?
I am having a lot of trouble with spammers and hackers. I am currently hosting my site on a windows server.
[FONT='Calibri','sans-serif']What is the best tool that I can use to protect my web-site? The tool should be easy to use and require no JAVA or Pearl and other programming languages as I am not familiar with them.
Today i was informed that some of Apache instances are vulnerable for serving content while client is constantly pressing F5 button in browsers - once is pressed CPU load is increasing, page became slow etc. (it's dynamic content served by back-end Tomcats). In the same time i see errors with connection between Apache and Tomcats' instances.
Is there any good way to protect Apache against it ?
I recently bought an SSL certificate to protect user data. I installed the cert in WHM. But when I go to my website in https://, my browser says (Safari can’t open the page [url] because Safari can’t establish a secure connection to the server “*domain name*”.)
Do you know what's happening and how to fix it? I've never dealt with SSL before, so this is very frustrating.
We tried to use one software for offline browsing to download our site and test it if it will fail or not. We used 500 threads at once. Program was able to request 56 pages per second. Of course server (site) failed because there were no more available mysql connections. So site went down. Mod_evasive didn't block that.
Here is the copy of text I found on one site about mod_evasive:
Mod_evasive does work relatively well for small to medium sized brute force or HTTP level DoS attacks. There is, however, an important limitation that mod_evasive has that you should be aware of. The mod_evasive module is not as good as it could be because it does not use shared memory in Apache to keep information about previous requests persistent. Instead, the information is kept with each child process or thread. Other Apache children that are then spawned know nothing about abuse against one of them. When a child serves the maximum number of requests and dies, the DoS information goes with it. So, what does this mean? This means that if an attacker sends their HTTP DoS requests and they do not use HTTP Keep-Alives, then Apache will spawn a new child process for every request and it will never trigger the mod_evasive thresholds. This is not good…
Is there any solution for such type of attack with Keep Alive disabled?