Solved

How to Password Protect a Web Directory

Posted on 2004-08-18
12
635 Views
Last Modified: 2010-04-11
I want to Password Protect an entire web directory and all subdirectories without having to use include files on every single file.
Can I do this in one location?

Thanks,

-Brett
0
Comment
Question by:brettz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 3
  • +1
12 Comments
 
LVL 1

Expert Comment

by:mgrass
ID: 11834970
What's the OS?
0
 
LVL 2

Expert Comment

by:xscousr
ID: 11835101
and what is the webserver? IIS? Apache?
0
 

Author Comment

by:brettz
ID: 11835130
Sorry, I forgot that critical info.

OS: Windows 2000 Server
Webserver: IIS
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 1

Expert Comment

by:mgrass
ID: 11835177
Right-click the folder where your site resides in inetpub and select security.  Remove any internet guest account or everyone account (that is the anonymous access) that is present.  That will prompt a visitor for NT credentials; once provided they're in.  
0
 

Author Comment

by:brettz
ID: 11835201
Well, I forgot something else.

I want to do this by having users validate through an API script and not Windows NT Authentication.
Is this possible?

-Brett
0
 
LVL 1

Expert Comment

by:mgrass
ID: 11835235
I'm sure it is.  
I don't have a clue how though.  :)
If you will give as much detail as you can, I'm sure some expert will be able to set you right up.

Mike
0
 
LVL 2

Expert Comment

by:tonyhowarth
ID: 11835780
There's a product called Authentix from Flicks software.

It's really good, very easy to install and configure and will do exactly what you require.  It basically installs itself as an asapi filter.  Then you can auto logon someone from you own API (samples provided) or have Authentix challenge the user.

Have used it for years and I would highly recommend it.

Tony
0
 

Author Comment

by:brettz
ID: 11840919
Thanks Tony that looks great, but I don't have the money to buy it.  Only a free trial is available.
Does anyone know of any Freeware that will do this OR has anyone ever done this in their own code?
0
 
LVL 2

Expert Comment

by:tonyhowarth
ID: 11841164
Write it yourself....it's only a ISAPI filter and if you want a basic one that cannot cope with millions of users (like Authentix) then it should be that tricky?

Tony
0
 

Author Comment

by:brettz
ID: 11841370
I would like to write it myself.  The reason I came here is because I don't know how. Can someone directy me to a site where I can learn how to write an ISAPI filter that uses an API logon or view someone's code who has done this to get ideas?

Thanks,

-Brett
0
 
LVL 1

Expert Comment

by:mgrass
ID: 11841449
Lots of ISAPI resources here:  http://www.dataweb.de/en/support/isapi.html
It's just a matter of googling it all up.
0
 
LVL 2

Accepted Solution

by:
tonyhowarth earned 50 total points
ID: 11841457
0

Featured Post

Webinar June 1st - Attacking Ransomware  

The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question