Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Security

Posted on 1999-01-12
6
Medium Priority
?
153 Views
Last Modified: 2010-04-09
Hi,

I created a webpage(Say Page A) asking the userId and Password,after the user entering the ID,password i am sending to the CGI program in a server,there i am checking .If the UserID and Password  is correct i am allowing to access another page(Say page B)

Suppose if the users knows the page B 's URL ,he can directly type the URL of Page B and he will enter in to the page B.Then what is the security ?then why we need the first page(Page A)UserID and Password.How i will protect the user directly entering in to the particular page instead of entering in to the UserId and Password page.please Help Me.
0
Comment
Question by:senthil_krn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 5

Expert Comment

by:Christian_Wenz
ID: 1841613
you can try setting a cookie if the user enters the correct username/password combination, and make page B require this cookie.
However, why don't you just password-protect page B using htaccess?
0
 
LVL 11

Accepted Solution

by:
mouatts earned 40 total points
ID: 1841614
An alternative way is to check the environment variable HTTP_REFERER when a request for page B is made if this is anything other than page a then it indicates that access was not via the proper route.

Tied in with this is that the CGI can output the page which if you want stored as a normal html page can be stored in a location that the CGI can get to but the webserver can't.

There are a few other methods but when you start taking control of the security of a site, rather than leaving it to htaccess et al, you will soon find that you will need to generate all pages.

HTH
Steve
0
 
LVL 84

Expert Comment

by:ozo
ID: 1841615
@
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:senthil_krn
ID: 1841616
Sorry i am new to this Concept can u give a code.
0
 
LVL 5

Expert Comment

by:Christian_Wenz
ID: 1841617
what kind of web server are you currently using? do you have cgi access?
0
 

Author Comment

by:senthil_krn
ID: 1841618
I am Using a NetscapeServer (Webserver version 3.6) and i am having cgi access.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question