Password Protect 6
Cautions
There are three cautions. You should understand them and follow the recommendations here to avoid these easily preventable problems.
- 1) This caution applies if you choose to require entry ONLY of a UserID (folder name) without also requiring entry of a Password (file name).
- If your server allows directory listing, the resulting list will include a link to the directory above the protected one. Unless you take one very simple step, simply clicking on that link will reveal the directory names (UserIDs) of ALL your supposedly protected directories.
The simple step to prevent this?
- If you WANT to allow Directory Listing of your protected Folder (and your server allows it):
- Add to the folder ABOVE the protected directory a default index.htm (or default.asp or .php or whatever) which will open automatically instead of revealing the contents of that parent directory. Stated differently, make sure the folder which contains the Password Protection 6 popup file (vwd_getpass6.htm) has a default index file if your server allows Directory Listing and you plan to opt for only UserID protection.
- If you do NOT want to allow Directory Listing of your protected Folder (or if your server does not permit it anyway):
- Add a default index.htm (or default.asp or .php or whatever) to the protected folder. That way when the correct UserID is entered, the default page opens (perhaps containing links to other pages in the directory). FYI, if your server does not allow Directory Listing, then without the default page, the user would get an error page: "Directory Listing Not Allowed".
- 2) Realize YOU control the level of protection for your files.
- Unlike the more robust server-side protection techniques, this one is not really adding any actual protection! What it is doing is allowing a friendly way for your users to enter a hopefully obscure folder and/or file name! It is the obscurity of these names that really determines how safe you are making your files. In challenge tests performed by my beta testers, not once was a protected folder or file broken into. (Of course your results may vary. We are an equal opportunity screw-up.)
- 3) What happens if someone accesses your protected files directly?
- For most situations this next point will not be a major concern, but I want you to be aware of it. Someone may innocently Bookmark the protected folder or file. Then someone else could come along and access it from that computer. If this is a concern to you, then be sure to see EyesOnly which came with PasswordProtect6. With EyesOnly on your protected pages, only users coming directly from your website will be allowed access to the page, which makes them safe from Bookmarking. Of course EyesOnly reduces the risk of other forms of direct file access as well, so it is highly recommended that you add it to your protected pages!
Extensive testing has been done. See the results: Issues.
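
For caution 1, a check you can run against a local copy of your site before uploading; this is an added example, not part of Password Protect 6. The list of default document names and the treatment of every subfolder beside vwd_getpass6.htm as a protected folder are assumptions, and the sample folder names are constructed.

```python
import os
import tempfile

POPUP_FILE = "vwd_getpass6.htm"  # popup file name given on this page
# Assumed default-document names; match them to your server's configuration.
DEFAULT_DOCS = {"index.htm", "index.html", "index.php", "default.htm", "default.asp"}


def has_default_doc(folder):
    """True if the folder holds a file the server would serve instead of a listing."""
    return any(
        name.lower() in DEFAULT_DOCS and os.path.isfile(os.path.join(folder, name))
        for name in os.listdir(folder)
    )


def audit_site(site_root):
    """Return (popup folders lacking an index, protected subfolders lacking one)."""
    exposed_parents, unindexed_children = [], []
    for folder, subdirs, files in os.walk(site_root):
        if POPUP_FILE not in files:
            continue
        rel = os.path.relpath(folder, site_root)
        if not has_default_doc(folder):
            exposed_parents.append(rel)  # listing here reveals every UserID
        for sub in subdirs:  # assumption: each subfolder is a protected folder
            if not has_default_doc(os.path.join(folder, sub)):
                unindexed_children.append(os.path.join(rel, sub))
    return sorted(exposed_parents), sorted(unindexed_children)


def build_sample_site(root):
    """Constructed sample layout: 'members' is set up safely, 'clients' is not."""
    for path in ["members/vwd_getpass6.htm", "members/index.htm",
                 "members/k7Qp2x/index.htm", "members/Zr84mT/report.htm",
                 "clients/vwd_getpass6.htm", "clients/b3Xw9L/index.htm"]:
        full = os.path.join(root, *path.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        open(full, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_site(root)
        parents, children = audit_site(root)
        print("Popup folders with no default index (UserIDs listable):", parents)
        print("Protected folders with no default index:", children)
```

A folder in the first list needs a default index file added; a folder in the second list is fine only if you intend Directory Listing for it and your server allows it.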


