?
Solved

Secure socket layer?

Posted on 1998-02-27
12
Medium Priority
?
317 Views
Last Modified: 2013-12-25
Hi, I would like to have information on secure socket layer. Does it take great skill of programming. I'm a graphic designer and I build website so my programming is limited to HTML and some Java. To reason why i'm asking you this is because my boss wants me to make private information on our website so that only members will have access to those database. Can you give me some solutions???
0
Comment
Question by:cmag
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 3
  • +1
12 Comments
 
LVL 1

Expert Comment

by:phutson
ID: 1857656
How secure does this informations need to be? You can do simple passwords protection with the .htaccess file but that will not protect the data in transit. There are many examples of how to use the .htaccess file here and there should be at least one example of how to add passwords to the password file automaticly in one of the forums. SSL only protects data in transit.
0
 

Author Comment

by:cmag
ID: 1857657
I would like to know more about htaccess file. The protection does not need to be very "high" (it is not vital informantion) only to had a bit of security.

 
0
 
LVL 5

Expert Comment

by:julio011597
ID: 1857658
To give you further insights, would you mind telling which web server you are using?

BTW, the kind of protection phutson has talked about, is the same you can see when loggin to this site: there's a database of authorized users and one has to give user name and password to have access to pages. This seems indeed enough for your needs.
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 

Author Comment

by:cmag
ID: 1857659
The server we have is Windows NT 3.51.
BTW does the htaccess files slow down the server?


Thanks
0
 
LVL 5

Expert Comment

by:julio011597
ID: 1857660
That is the Operating System. What we need is your Web Server (e.g. Netscape FastTrack, Microsoft IIS, etc.).

In practice, there's no slowdown with access control enabled; actually, the only difference is that each incoming request, besides file name, bring an additional login name and password information.
0
 

Author Comment

by:cmag
ID: 1857661
We are in Network so it really is a Windows NT Server... at least that's what everybody here seems to tell me. We use the hard drive of this computer (whit the WinNT server on it) to hold the files of our websites.

I don't know if that help you in anyway. I'll try to talk with my technician this evening to be sure.
0
 
LVL 1

Expert Comment

by:phutson
ID: 1857662
Sounds like your using IIS. If thats the case there is a .htaccess equivilent on it. I have never done so I would need to look it up unless Julio has already done it and can answer it without going to another source.
0
 
LVL 2

Accepted Solution

by:
shogi earned 140 total points
ID: 1857663
If you need really a secure connection you need to have a KEY. For each connection, email you need to secure you will need to use this KEY. If you support Netscape and IE you need 2 Keys, one for Netscape and one for IE.  If you just have to support only one of those browser in you Intranet you just need the KEY for you browser you want to support.  But were you can get this KEY and more information about secure connection : www.verisign.com

Just becarefull want you get your key... get the good one for the good browser... and the good level of security to the type of secure connection you want.

You can have too KEY for the server... See at verisign you will have some helpfull informations.

Regards, Shogi
0
 
LVL 5

Expert Comment

by:julio011597
ID: 1857664
phutson:
no, i've never worked with IIS, so feel free to provide an answer;

shogi:
what are you talking about, man?? if you had read comments, you knew that cmag is actually asking for access control.
0
 

Author Comment

by:cmag
ID: 1857665
I'll wait for your answer phutson. Thanks to all of you guys for the helping!


cmag
0
 
LVL 1

Expert Comment

by:phutson
ID: 1857666
Ok what I have found (if anyone else can tell it better please do). You need to allow basic (clear text password authentication). Open the internet service manager with start-->programs-->internet information server --> internet service manager.
Then open the web services properties page by double clicking on the name of the web server showing on this page then select clear (basic authentication). You will then be able to change the directory rights in subdirectories off of the web server's root directory to restrict access to certain groups or users (I would suggest only changing access based on groups). I still have not done this on my iis server. So if this doesn't work let me know and by then I will probably have done this and will be able to walk you through a real setup. The book that I got some of the information out of is Microsoft Internet Information server 4.0 sourcebook by Michele Petrovsky  isbn 0471178055
0
 
LVL 1

Expert Comment

by:phutson
ID: 1857667
I forgot to mention DO NOT use the same login ids for both access to internet directories as you use for the rest of the network. The passwords and userids are sent across the internet unencrypted. They would be very easy to pull out of packets if anyone was watching. You could use the microsoft challeng/response authentication but that would require  the users to the secured section to use Internet Explorer.
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Dramatic changes are revolutionizing how we build and use technology. Every company is automating, digitizing, and modernizing operations. We need a better, more connected way to work together as teams so we can harness the insights from our system…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question