Solved

Security

Posted on 1999-01-12
6
144 Views
Last Modified: 2010-04-09
Hi,

I created a webpage(Say Page A) asking the userId and Password,after the user entering the ID,password i am sending to the CGI program in a server,there i am checking .If the UserID and Password  is correct i am allowing to access another page(Say page B)

Suppose if the users knows the page B 's URL ,he can directly type the URL of Page B and he will enter in to the page B.Then what is the security ?then why we need the first page(Page A)UserID and Password.How i will protect the user directly entering in to the particular page instead of entering in to the UserId and Password page.please Help Me.
0
Comment
Question by:senthil_krn
6 Comments
 
LVL 5

Expert Comment

by:Christian_Wenz
ID: 1841613
you can try setting a cookie if the user enters the correct username/password combination, and make page B require this cookie.
However, why don't you just password-protect page B using htaccess?
0
 
LVL 11

Accepted Solution

by:
mouatts earned 20 total points
ID: 1841614
An alternative way is to check the environment variable HTTP_REFERER when a request for page B is made if this is anything other than page a then it indicates that access was not via the proper route.

Tied in with this is that the CGI can output the page which if you want stored as a normal html page can be stored in a location that the CGI can get to but the webserver can't.

There are a few other methods but when you start taking control of the security of a site, rather than leaving it to htaccess et al, you will soon find that you will need to generate all pages.

HTH
Steve
0
 
LVL 84

Expert Comment

by:ozo
ID: 1841615
@
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:senthil_krn
ID: 1841616
Sorry i am new to this Concept can u give a code.
0
 
LVL 5

Expert Comment

by:Christian_Wenz
ID: 1841617
what kind of web server are you currently using? do you have cgi access?
0
 

Author Comment

by:senthil_krn
ID: 1841618
I am Using a NetscapeServer (Webserver version 3.6) and i am having cgi access.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Bootstrap input box width 2 33
Form with Modals 16 43
Objects on Same Line 2 18
Why my select dropdown does not work? 8 26
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Building a website can seem like a daunting task to the uninitiated but it really only requires knowledge of two basic languages: HTML and CSS.
In this tutorial viewers will learn how to position items using CSS's three positioning types Create a new HTML document with an internal stylesheet.: Create another div in CSS and name it Absolute : Type "position:absolute;" and "top:10px; left:50p…
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now