 |
| Register | Login | |||||
 |
Main
| Memberlist
| Active users
| ACS
| Commons
| Calendar
| Online users Ranks | FAQ | Color Chart | Photo album | IRC Chat |
|
| | ||
|
| Register | Login | |||||
|
Main
| Memberlist
| Active users
| ACS
| Commons
| Calendar
| Online users Ranks | FAQ | Color Chart | Photo album | IRC Chat |
|
| | ||
| 0 user currently in Programming. | 3 guests |
| Acmlm's Board - I2 Archive - Programming - secret site |
 |  |  |
| Add to favorites | "RSS" Feed | Next newer thread | Next older thread |
| User | Post | ||
goodall Double hammer Level: 11  Posts: 13/38 EXP: 5405 For next: 580 Since: 05-19-04 From: the UK Since last post: 189 days Last activity: 194 days |
| ||
| is there any way i can set up a website that only allows acces to a strict set of IP adresses. the reason is i want to set up a secret site, and i find peopel crack passwords too fast. | |||
Parasyte Bullet Bill Level: 35  Posts: 58/514 EXP: 267348 For next: 12588 Since: 05-25-04 Since last post: 104 days Last activity: 32 days |
| ||
| Use some kind of server-side scripting, such as PHP or PERL for password-protecting things. (Or you can use .htaccess, but that tends to give you a lot less control) Never use client-side scripting like javascript to password-protect "secret" sites. That's just irresponsible. |
|||
Modereb Paragoomba Level: 15 Posts: 17/75 EXP: 14749 For next: 1635 Since: 06-04-04 Since last post: 350 days Last activity: 339 days |
| ||
| Passwords do fine, if you use them properly. And here's a rough script that restricts only to a few IP adresses. <? $allowed_ip_adresses=' 12.34.56.67 34.56.78.89 98.87.76.65 123.546.56.3 '; if(stristr($allowed_ip_adresses,$REMOTE_ADDR)){ echo "You are allowed"; }else{ echo "You are not allowed to view this page!"; } ?> (edited by Modereb on 06-11-04 07:27 PM) |
|||
|
goodall Double hammer Level: 11 Posts: 14/38 EXP: 5405 For next: 580 Since: 05-19-04 From: the UK Since last post: 189 days Last activity: 194 days |
| ||
| thanks loads, this way i wont get people giving out passwords to the site. | |||
Sokarhacd Ball and Chain Trooper Resistance is Futile You Will Be Assimilated Hab SoSlI' Quch Level: 61  Posts: 286/1757 EXP: 1799888 For next: 76708 Since: 03-15-04 Since last post: 6 days Last activity: 4 hours |
| ||
| although this way, you cant have anyone with dialup have access to your website....only people whos IP address is always the same....or only change every so often... | |||
Elric Chasupa  Currently Playing: You Like A Lute. Level: 40 Posts: 212/687 EXP: 440016 For next: 1293 Since: 03-15-04 From: Melniboné Since last post: 6 hours Last activity: 6 hours |
| ||
| I have dial-up, and my IP is always one of three different ones. You could find out what their IP addresses are, and add them to the script, or you could do a partial IP address, though that way is riskier... |
|||
|
HyperLamer <||bass> and this was the soloution i thought of that was guarinteed to piss off the greatest amount of people Sesshomaru Tamaranian Level: 118 Posts: 955/8210 EXP: 18171887 For next: 211027 Since: 03-15-04 From: Canada, w00t! LOL FAD Since last post: 2 hours Last activity: 2 hours |
| ||
| The problem with this idea is people's IPs tend to change a lot. Here's what I suggest instead: -Get the IPs of everyone you want to be able to access the site. -Set up the site to allow those IPs. When they get in, it should set a cookie and remove that IP from the list, or at least tell you so that you can do it. -Configure the code so that they'll be allowed in if the IP is on the list or they have the cookie. (Don't use something like 'allowed=true', rather, generate a random number and store it. The number should have a pattern, such as always being a 12-digit multiple of 7. If the number doesn't match this criteria, they should be kicked right there for trying to fake the cookie. (Consider setting another with a similar pattern, maybe a different number of digits, to disallow access even if they get a matching IP.)) If the cookie's not stored, check the IP. Consider a user/password system. Each person should have a user ID and password issued by you. If they give out the password, delete the account and don't give them a new one. |
| Add to favorites | "RSS" Feed | Next newer thread | Next older thread |
| Acmlm's Board - I2 Archive - Programming - secret site |
| | |
