| Re: Restricting access to a website [message #174870 is a reply to message #174854] |
Thu, 14 July 2011 04:09   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 7/13/2011 3:13 PM, Luuk wrote:
> On 12-07-2011 02:38, Jerry Stuckle wrote:
>> On 7/11/2011 7:24 PM, Chuck Anderson wrote:
>>> Jerry Stuckle wrote:
>>>> On 7/11/2011 4:08 PM, Graham Hobbs wrote:
>>>> > On Sun, 10 Jul 2011 22:21:41 -0400, Jerry Stuckle
>>>> > <jstucklex(at)attglobal(dot)net> wrote:
>>>> >
>>>> >> On 7/10/2011 10:01 PM, Graham Hobbs wrote:
>>>> >>> Hello,
>>>> >>>
>>>> >>> I 'very laboriously' coded my index.php (close to novice level), for
>>>> >>> my website and it is up and running. It's not public yet and needs to
>>>> >>> stay that way. I need to give the address to two people who will help
>>>> >>> with my product's development .. but they could reveal the address
>>>> >>> anywhere, inadvertently or otherwise.
>>>> >>>
>>>> >>> If, for example, my website is www .lahdedah. com, I want to allow
>>>> >>> full access to these two people (and me:-)) .. others would get a
>>>> >>> 'Sorry, not yet available' screen. I envision hard coding their home
>>>> >>> address's into my index.php?? Am not interested in any additional
>>>> >>> typing by these three.
>>>> >>>
>>>> >>> Hope I've been clear. Is this feasible, easy/hard/unusual?
>>>> >>> Please, thanks
>>>> >>> Graham
>>>> >>
>>>> >> There are any number of ways to do it, none of which require PHP or
>>>> >> any
>>>> >> other server-side language. Try alt.apache.configuration (assuming, of
>>>> >> course, you're using Apache).
>>>> >>
>>>> >> Also, unless you are David Small of Small Expressions, you
>>>> >> shouldn't be
>>>> >> using his domain name in an example. Use www.example.com, which is
>>>> >> reserved for just such a purpose.
>>>> > ---
>>>> > Jerry, folks, thanks,
>>>> >
>>>> > Will check into alt.apache.configuration and apologies about lahdedah,
>>>> > didn't know about example.com.
>>>> >
>>>> > But I wasn't emphatic enough .. yes I would know their IP addresses so
>>>> > CAN I hard code them in my index.php? Yes or no would do and a PHP
>>>> > buzzword I might search on to get started .. I just prefer all my code
>>>> > in one place.
>>>> >
>>>> > .. am definitely not interested in extra keying of passwords by my two
>>>> > associates.
>>>> >
>>>> > Thanks,
>>>> > Graham
>>>>
>>>> You definitely need alt.apache.configuration. No need to do anything
>>>> to your php code.
>>>>
>>>
>>> If you know the IP addrs - simply compare them to the Php global
>>> $SERVER['REMOTE_ADDR'].
>>>
>>>
>>
>> No need to even go to that trouble. It can all be done in the Apache
>> configuration with no changes to the web pages at all.
>>
>
> Jerry,
> Can you explain the REAL benefits of doing this in apache,
> despite the fact that this is a PHP-newsgroup?,
>
> And the real drawbacks from changing a bit to his own php-code just for
> this case?
>
> I simply dont understand why sending him away to
> alt.apache.configuration is better ....
>
>
>
Because it can easily be done in the Apache configuration, requiring no
changes to the page itself, and will work for all pages on his site (or
in a specific directory).
Changing the page code requires similar changes to every page he wants
to restrict access to, and those changes need to be later deleted from
the code (ensuring he gets *all* pages, and doesn't make a mistake in
deleting the code). Simply deleting the .htaccess is all that's needed
when he wants to open it up to everyone. Additionally, it works for all
web pages - not just ones coded in PHP (i.e. simple HTML pages).
Just because this is a PHP newsgroup doesn't mean the *best* answer is
PHP code. Many times a better solution can be found elsewhere.
And BTW - it's also slightly more efficient, because the PHP interpreter
doesn't have to load the page and parse the code before determining the
page should not be displayed. Apache takes care of that long before PHP
is ever involved.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]