Looking for Easy Password Protection to Specific Pages

[zieglecu]

I would like to password protect specific pages on my site, it doesn't have to be super-secure, no user accounts etc... is there a common way to go about this with CMS Made Simple?

Thanks

[Pierre M.]

Using pretty and hierarchical URLs you could have :
/products/boat
/products/bicyle
/zoo/koala
/zoo/shark

...and in front of this your can set up a usual .htaccess inside the webserver,
autorizing /zoo
denying /products

Hope this helps. Have fun with CMSms.

PM

[KO]

You could also do something using FrontEndUsers and CustomContent combination.

K

[zieglecu]

Using pretty and hierarchical URLs you could have :
/products/boat
/products/bicyle
/zoo/koala
/zoo/shark

...and in front of this your can set up a usual .htaccess inside the webserver,
autorizing /zoo
denying /products

Hope this helps. Have fun with CMSms.

PM

thank you

[zieglecu]

ok... I thought I knew what I was doing but I can't seem to get it right, can you give me an example of how the .htaccess file would look exactly?

[osn]

ok... I thought I knew what I was doing but I can't seem to get it right, can you give me an example of how the .htaccess file would look exactly?

Here is an example of the .htaccess file:

AuthName "Enter password"
AuthType basic
AuthuserFile /home/virtual/yoursite.com/public_html/yourfolder/.passwd <- this line must be changed!
require valid-user

Then you have to generate a password with MD5 for example at: http://www.phpbbhacks.com/md5.php (never tried this site before though)
Here is an example of a crypted md5 password:

Before: hejhopp
After: ad7a295f72e1d181d075aa343e6dca3d

If you want to use the password I generated and the username user, then you add this to a new texfile called .passwd:
user:ad7a295f72e1d181d075aa343e6dca3d


Place both the files in the directory that you want to keep password protected.

Remember that most windows text editors sometimes add invisible ascii codes that mess up the script. Try to find an editor that not is doing that if you get problems with ex. notepad. The editor I'm using is EditPad Lite but there is lots of other freeware editors you can use.

Good luck!


Dennis

[zieglecu]

Hey osn, thank you. I just have a question about this line:

"Place both the files in the directory that you want to keep password protected."

With CMS made simple the 'directories' with clean urls don't really exist. I want anyone to get to all pages but one...

Ex:

/
/contact/
/personal/ <- Lock down this one with .htaccess stored in '/'
/something/
/sometthing/else/

[Pierre M.]

.htpasswd works inside the webserver in front of CMSms even if the URLs don't really "exist" but are internaly pretty-to-ugly rewritten. The protection acts before the rewriting.

So, for Apache, these auth lines may occur inside a LocationMatch or something like this :

AuthName "zieglecu private section"
AuthType basic
AuthuserFile /an/obfuscated/non/http/accessible/path/to/folder/of/.passwd
(please review Apache's manual before as I'm not sure about the syntax, just the concepts).

And go on with URL rewriting rules. I'm confident it should work. Have fun.

Pierre M.

[osn]

Sorryu zieglecu! I'm not so familiar with pretty urls since I don't use it. At least not yet.
Pierre M. gave a good explaination that I think will work.

[zieglecu]

Thank you all very much, I really appreciate your time on this!