+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: How secure is a .htaccess on a folder (and it's sub folders)? (/showthread.php?tid=8287)
How secure is a .htaccess on a folder (and it's sub folders)? - El Forum - 05-13-2008
[eluser]littlejim84[/eluser]
I'm making myself a little online task list thingy, but want it to be secure from the public. It will most probably be something like <my domain>/manager/. This manager folder will include other sub folders too, which I also want secure with a username and password.
I was personally thinking .htaccess authorisation would be a good and painless way of doing it... But is it secure? Is it as secure as anything I could do inside CodeIgniter? I'd like a solid secure way of keeping what's past <my domain>/manager/ secret.
Any tips/info/experience?
How secure is a .htaccess on a folder (and it's sub folders)? - El Forum - 05-13-2008
[eluser]GSV Sleeper Service[/eluser]
http authentication is quick and easy, the downside is someone could fire username/password pairs at it all day long until they get a 200 back, and you'd probably never know they were doing it.
controlling authentication through CI would offer you many more options, eg capture the IP address of the user trying to login, after 3 failed attempts ban that IP etc.
How secure is a .htaccess on a folder (and it's sub folders)? - El Forum - 05-13-2008
[eluser]littlejim84[/eluser]
Is there some kind of 'best practice' in CodeIgniter to get a solid login systen working?
How secure is a .htaccess on a folder (and it's sub folders)? - El Forum - 05-13-2008
[eluser]GSV Sleeper Service[/eluser]
there are a few authentication libraries available on the wiki or in the ignited code section.