Solved

Secure socket layer?

Posted on 1998-02-27
12
251 Views
Last Modified: 2013-12-25
Hi, I would like to have information on secure socket layer. Does it take great skill of programming. I'm a graphic designer and I build website so my programming is limited to HTML and some Java. To reason why i'm asking you this is because my boss wants me to make private information on our website so that only members will have access to those database. Can you give me some solutions???
0
Comment
Question by:cmag
  • 4
  • 4
  • 3
  • +1
12 Comments
 
LVL 1

Expert Comment

by:phutson
ID: 1857656
How secure does this informations need to be? You can do simple passwords protection with the .htaccess file but that will not protect the data in transit. There are many examples of how to use the .htaccess file here and there should be at least one example of how to add passwords to the password file automaticly in one of the forums. SSL only protects data in transit.
0
 

Author Comment

by:cmag
ID: 1857657
I would like to know more about htaccess file. The protection does not need to be very "high" (it is not vital informantion) only to had a bit of security.

 
0
 
LVL 5

Expert Comment

by:julio011597
ID: 1857658
To give you further insights, would you mind telling which web server you are using?

BTW, the kind of protection phutson has talked about, is the same you can see when loggin to this site: there's a database of authorized users and one has to give user name and password to have access to pages. This seems indeed enough for your needs.
0
 

Author Comment

by:cmag
ID: 1857659
The server we have is Windows NT 3.51.
BTW does the htaccess files slow down the server?


Thanks
0
 
LVL 5

Expert Comment

by:julio011597
ID: 1857660
That is the Operating System. What we need is your Web Server (e.g. Netscape FastTrack, Microsoft IIS, etc.).

In practice, there's no slowdown with access control enabled; actually, the only difference is that each incoming request, besides file name, bring an additional login name and password information.
0
 

Author Comment

by:cmag
ID: 1857661
We are in Network so it really is a Windows NT Server... at least that's what everybody here seems to tell me. We use the hard drive of this computer (whit the WinNT server on it) to hold the files of our websites.

I don't know if that help you in anyway. I'll try to talk with my technician this evening to be sure.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Expert Comment

by:phutson
ID: 1857662
Sounds like your using IIS. If thats the case there is a .htaccess equivilent on it. I have never done so I would need to look it up unless Julio has already done it and can answer it without going to another source.
0
 
LVL 2

Accepted Solution

by:
shogi earned 70 total points
ID: 1857663
If you need really a secure connection you need to have a KEY. For each connection, email you need to secure you will need to use this KEY. If you support Netscape and IE you need 2 Keys, one for Netscape and one for IE.  If you just have to support only one of those browser in you Intranet you just need the KEY for you browser you want to support.  But were you can get this KEY and more information about secure connection : www.verisign.com

Just becarefull want you get your key... get the good one for the good browser... and the good level of security to the type of secure connection you want.

You can have too KEY for the server... See at verisign you will have some helpfull informations.

Regards, Shogi
0
 
LVL 5

Expert Comment

by:julio011597
ID: 1857664
phutson:
no, i've never worked with IIS, so feel free to provide an answer;

shogi:
what are you talking about, man?? if you had read comments, you knew that cmag is actually asking for access control.
0
 

Author Comment

by:cmag
ID: 1857665
I'll wait for your answer phutson. Thanks to all of you guys for the helping!


cmag
0
 
LVL 1

Expert Comment

by:phutson
ID: 1857666
Ok what I have found (if anyone else can tell it better please do). You need to allow basic (clear text password authentication). Open the internet service manager with start-->programs-->internet information server --> internet service manager.
Then open the web services properties page by double clicking on the name of the web server showing on this page then select clear (basic authentication). You will then be able to change the directory rights in subdirectories off of the web server's root directory to restrict access to certain groups or users (I would suggest only changing access based on groups). I still have not done this on my iis server. So if this doesn't work let me know and by then I will probably have done this and will be able to walk you through a real setup. The book that I got some of the information out of is Microsoft Internet Information server 4.0 sourcebook by Michele Petrovsky  isbn 0471178055
0
 
LVL 1

Expert Comment

by:phutson
ID: 1857667
I forgot to mention DO NOT use the same login ids for both access to internet directories as you use for the rest of the network. The passwords and userids are sent across the internet unencrypted. They would be very easy to pull out of packets if anyone was watching. You could use the microsoft challeng/response authentication but that would require  the users to the secured section to use Internet Explorer.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Grunt No Clean Targets 6 61
Hovering effect 9 30
WEB Farm 6 26
How do i learn Story Board for IOS ? 3 28
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now