Solved

Password Protection/IP Addresses

Posted on 1998-11-20
10
185 Views
Last Modified: 2013-12-25
I run a web site which has sections I do not want people to access unless they have proper authorization (are members of the organization).  I would like to know the script to create a prompt for a username and password and I would also like to know how to incorporate the script (like <SCRIPT> tags or whatever).  The second question I have is about IP addresses.  I would like to know how to obtain someone's IP address (so my scripts can assign it a variable) as well as how to incorporate it.  Thanks for your help and if you can answer both questions without leaving me hassles, you will get your well deserved 700 points.
0
Comment
Question by:appletman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 1

Expert Comment

by:flivauda
ID: 1829701
Here is a perl solution, you will need to be able to run perl scripts

Save the code in a file called adduser
accesspart:
-----
#!/usr/bin/perl

$htgroup = "/u/mypath/.htgroup";
$htpasswd = "/u/mypath/.htpasswd";

if (@ARGV<1)
{ print "\nusage: adduser        [username]\n\n"; exit;
}

print "Add user: $ARGV[0]\nAre you sure? ";

if (<STDIN>!~/^y|Y/)
{ print "Add user aborted.\n\n"; exit;
}

print "Adding user to group file.\n";
system "cp $htgroup $htgroup.old ; sed 's/\$/ $ARGV[0]/g' $htgroup.old > $htgroup";
exec "htpasswd $htpasswd $ARGV[0]";

run that on the command line
% adduser timmy

for the ip addr use the environemnt variable
REMOTE_ADDR

example:
$ip = $ENV{'REMOTE_ADDR'}


0
 
LVL 1

Expert Comment

by:flivauda
ID: 1829702
The % adduer username

code is run locally on the machine and then it will prompt the user to login with the login boxes like you see on this site.  

Let me know if you need anything else
0
 

Author Comment

by:appletman
ID: 1829703
sorry im completely new to cgi-i need a complete walk through-for 700 points id like everything explained thoroughly and how to use the remote_addr
0
Is Your Team Achieving Their Full Potential?

74% of employees feel they are not achieving their full potential. With Linux Academy, not only will you strengthen your team's core competencies but also their knowledge of of the newest IT topics.

With new material every week, we'll make sure that you stay ahead of the game.

 

Author Comment

by:appletman
ID: 1829704
I was completely new to Common Gateway Interface and had no idea as to how to incorporate that script etc.
0
 
LVL 1

Expert Comment

by:dave1968
ID: 1829705
Need some info such as server platform, web server and versions to be able to determine what type of CGI you will be capable of.

You will not use <script> tags in your document if you are trying to do CGI.
0
 

Expert Comment

by:bobline
ID: 1829706
Do you have your cgi-bin directory?
0
 
LVL 1

Expert Comment

by:flivauda
ID: 1829707
We need to know if you have server side access.  Which means can you telnet in and modify your scripts?  Or do you have to use canned solutions provided by someone else that wont really do what you need?  Also do you know before time all the people you want to give username/password access to? What lanuage are you using for your scripts?

So answer these questions for me and we can get you taken care of:
1) Do you have access to run cgi scripts in the first place, (ie can you telnet in and modify scripts)
2) Do you know where your cgi-bin directory is?
3) Do you know ahead of time people you want to give user/password access to?
4) Are you using perl for your scripts?  If not can you?

As for the second part of your question about IP address if you are using perl, all you have to do to assign the person's ip address to a variable is this:
$ip = $ENV{'REMOTE_ADDR'}

where $is is the variable name and $ENV tell it to read from the environment the remote_addr which will be their ip adress

0
 
LVL 8

Expert Comment

by:shlomoy
ID: 1829708
If your server is using apache you can use htaccess to restrict some files or some directories from some users (you decide which ones and which files) from accessing your data.

I can suggest a link to a web-page with all the necessary data:
http://www.apacheweek.com/features/userauth

0
 

Accepted Solution

by:
genuinegenius earned 700 total points
ID: 1829709
1. This would depend on whether you have access to the server. If so you can use CGI scripts and properly protect your site. If this is the case then good luck but I know no more. However, if you do not have access to the server you can write or find a java applet that requires a password before it takes you to a page. Once past the lock there is nothing to stop the user bookmarking the page and entering again, but as long as they don't know the name of the page the lock will take them to they will need to pass the lock at least once. Such an applet can be simply made using a program called Raida Lock, which can be downloaded free at

www.tucows.com

in the java section.

2. To find the IP address of a computer you must know the domain name e.g www.microsoft.com

this is difficult with users of ISP's as their domain names are hard to find. If you do find the DN then you can PING this to reveal the IP.

Alternatively your friend could run an IP poster. These programs 'post' your IP address to a webpage of your choice. Many can be found at

www.tucows.com

As well.

Good Luck (especialy if you have read all of this)
0
 

Expert Comment

by:genuinegenius
ID: 1829710
Cheers!
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Making a simple AJAX shopping cart Couple years ago I made my first shopping cart, I used iframe and JavaScript, it was very good at that time, there were no sessions or AJAX, I used cookies on clients machine. Today we have more advanced techno…
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question