Welcome Guest, Not a member yet? Register   Sign In
How secure is a .htaccess on a folder (and it's sub folders)?
#1

[eluser]littlejim84[/eluser]
I'm making myself a little online task list thingy, but want it to be secure from the public. It will most probably be something like <my domain>/manager/. This manager folder will include other sub folders too, which I also want secure with a username and password.

I was personally thinking .htaccess authorisation would be a good and painless way of doing it... But is it secure? Is it as secure as anything I could do inside CodeIgniter? I'd like a solid secure way of keeping what's past <my domain>/manager/ secret.

Any tips/info/experience?
#2

[eluser]GSV Sleeper Service[/eluser]
http authentication is quick and easy, the downside is someone could fire username/password pairs at it all day long until they get a 200 back, and you'd probably never know they were doing it.

controlling authentication through CI would offer you many more options, eg capture the IP address of the user trying to login, after 3 failed attempts ban that IP etc.
#3

[eluser]littlejim84[/eluser]
Is there some kind of 'best practice' in CodeIgniter to get a solid login systen working?
#4

[eluser]GSV Sleeper Service[/eluser]
there are a few authentication libraries available on the wiki or in the ignited code section.




Theme © iAndrew 2016 - Forum software by © MyBB