I was wondering if it would be advisable to use the Password Protected Directory option in cPanels to limit part of my website to no more than 1,000 paying customers (yearly subsciption). Can cPanels handle this? Would accessing .htaccess and .htpassword to authenticate be too slow? Would management become too much? Has anyone attempted this? Are there any good alternatives such as open source programs? I've looked and found a few that are expensive and do way more than what I need.
I have been trying to get password protected directories working on my Linode server. It works / behaves in a desktop browser somewhat but not like I am used to with hostmonster. Also for some reason my phone (windows phone just loads the page in the protected directory without prompting for a password. So I imagine there is some security thing I am missing that none of the info I have found searching talks about. Here is what I have done. I have created a password file and set the permissions correctly on that and it works on the desktop. However when I close the browser or open a private browsing session I am never prompted for a password again. It just feels insecure. Plus my windows phone just loads the page with no prompt. With hostmonster if I closed the browser window it would ask me for the username and password again. I also tested hostmonster directory passwords on my phone and it prompts for a username/password.
Here is what I have added to the apache2.conf file. The rest is pretty much default. There is no .htaccess file for that directory.
<Directory "/var/www/protected"> AllowOverride All AuthType basic AuthName "Enter Login" AuthUserFile /etc/htpasswd/.htpasswd Require valid-user Order deny,allow Allow from user1 </Directory>
It may be worth noting that I have two virtual sites / domain names running on this server at the moment however the one that is being used for this is the primary domain name.
A client wants to FTP some files to my server but I don't want him to see/have access to all the other stuff on the server. Is there a way that I can 'corden-off' an area for him to FTP stuff to? A password protected area perhaps?
I have 2 domains on 1 account. My main website is www.aviationcafe.net and i added on www.modelcuir.com thats what it looks like to the public. But with my host it will be www.modelcuir.aviationcafe.net.
I noticed in the files area that modelcuir is it's own file, i can password protect that but it will stop people getting onto the website completly and i only want to stop them getting into the members area.
I can't create a members area either unless i can add a new folder which i can't i dont think.
Code: curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($curl, CURLOPT_USERPWD, '[user]:[pass]'); but I can't figure out how to get past the login:
Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. Apache/2.0.52 (CentOS) Server at ****** Port 80
I normally protect a given directory in the Plesk Contral Panel with a Username / Password. I would like to bypass the username and password for visitors from one IP.
how to pwd protect directories with when using no control panel, I am planning to change the login details of the protected directories every few days as well as its top secret data, so I would like to know how to protect directories with pwd, I know how to do using control panel such as cPanel r Plesk but I am having no control panel at this interface
I intend to share the files under this protected directories only to my team, so plz help me with codes if there are any
i did make a big message on here but it deleted when i back spaced
my website is aviation cafe dot net / sample and i need you to help me with password protecting a webpage, i wanted the address to be / the silver sword and definitly not to look like it does now.
today i changed the password for the admin panel for a customer (username eg. mylogin). 10 minutes later he called me and said that he cannot get into his emailaccount anymore. Checked the password and saw that the emailpassword for his emailaddress (eg. mylogin@mydomain.com) is now the same from the admin panel login. So i changed the emailpassword and checked the admin panel login - it now has the emailpassword. What a mess.. I'm running Plesk Panel 11.5.30 MU47.
Hello, I want to buy a dedicate server which support DDOS,ACK,SYN .....
I can provide 500usd most
My friend introduce dragonara.net for me, but they don't support world of warcraft website. Can you introduce one similar with dragonara ? You can see details of dragonara provide
dragonara.net/ddos-protection.html
protect from all types of DDoS, which can be TCP SYN Flood Tribe Flood Network and Tribe Flood Network 2000 TCP SYN-ACK Reflection Flood (DRDoS) HTTP Flood Attack ICMP Echo Request Flood TCP ACK Flood UDP Flood Attack UDP Flood Attack (Trinoo)
Features of Dragonara DDoS Mitigation service* Up to 14 Gbit/s or 10,000,000 PPS ddos attack mitigation* Automatic attacks detection* Full transparency, no <click here to continue> links* Multi-Gigabit protection* SEO friendly* ALL TCP BASED PROTOCOLS SUPPORTED (HTTP, SSL, DNS, UDP protocol support)* Load Balancing to the Customer's Server Farm* Advertise your network block /prefix using BGP
Individual 10gb+ DDoS Protection Suite.Full Managed DDoS Protection with 100% uptime guarantee for Corporate clients.We use 95% burstable billing scheme.SLA agreement;1000 mbit/s included (can be upgraded);Web Caching Service (optional);10+ Gig Protection Available;Money Back Guarantee.
Available for Customers - using Dragonara Colocation services- with own remote DC infrastructure. Clean traffic sent using GRE / OpenVPN / IPSec tunnels.We use 95% burstable billing scheme.SLA agreement; 10+ Gig Protection Available;Money Back Guarantee.ASK / 24 hours setup
Budget: $120-175. Decent amount of IPs (32+ preferable) Need it relatively soon.
GodsHost/Awknet is out of stock completely. Staminus is out of stock except for $700 servers. Gigeservers has a $150 setup fee that I don't really like, but if desperate, maybe. Sharktech is **** and there is no way I will even consider them.
DDoS protected meaning nothing too large scale - I just need basic protection against 12 year olds that have pbots.
Are there any places other than Staminus/Gige/Sharktech Awknet that can protect against small/basic bandwidth attacks (not application attacks, http floods, etc), 5-7Gbps+, occasional up to 10?
Firewall settings are great for preventing Denial of Service (DoS) attacks, however it may not always be your only solution. The day has finally arrived when I found this excellent module called mod_dosevasive (DoS Evasive) which keeps track of how many requests each client makes to your server within intervals. If a client is being forceful with your server and making too many requests, then it is more than likely not just a web browser but some automated process unleashed on your site to try and take it down.
This handy Apache module we have found takes care of these issues. Let's get started by setting it up.
restore a VPS onto a different server due to a hardware failure. The new VPS is up and running and I can apache is displaying the cPanel WHM login panel ok. So I know the VPS is fine.
However, my WHM username/password are no longer working.
What options do I have resetting the password for the WHM? I have full access to the shell of the VPS (root access).
i have a dedicated server with CENTOS Enterprise 4.6 i686 on standard i have main problem that there is an account on my server that the password can enter the FTP account normally but not enter the Cpanel i see that if the coanel pass is 951753 he can not log in the cpanel but can enter FTP why this problem ? and how to resolve it
am having some issues with cpanel's password changing. password of a user changes fine from shell, changes fine from WHM. however no luck in the user's cpanel.
error i get is:
Quote:
There was an error manipulating the password file. This generally means you entered your old password incorrectly. The following services were updatedif any)
Changing password for user xxxxxxx. Changing password for xxxxxxx (current) UNIX password: passwd: Authentication token manipulation error
i'm looking into this user's directory, and oddly see that the /etc/<domain>/passwd and shadow and quota files are all 0 bytes. but i can log in with the password i set from whm.
permissions on these 3 files are -rw-r--r-- which seems normal, plus ownership is <username>-mail.
I searched the forum articles but couldn not find specifically what I wanted.. just learning with my dedicated server...
I want to change my cpanel password and ftp password but NOT change the msql server password. I tried to do it in WHM it also changes the database to my website and causes it to go down. (so I changed it back)
I tried to change it under: [URL to actual WHM removed] Password Modification in WHM but it changed the databse program as well.
Again all I want to change is the Cpanel acces and main FTP pass
Im doing this to keep old programmers out of my server)
I use WHM and have a client that lost access to cpanel because the site's owner (an organization) turned over the management of the site to a new person. The previous person never used the site so he forgot the password to get into cpanel and ftp. I can login to the site using my WHM password, but I cannot change his password in cpanel because I don't know the old one. How can reset it?
