nate

hey, i am designing a website at school, and the administrator is forcing me to add htaccess protection to logging in... i dont want people to have to log in to any part of the site, just need the people who will post content to double log in...... he wants htaccess, but how can i restrict login access when everything works through index.php... it seems like i can restrict access to the whole index.php but nothing else

any suggestions? is there another file used that i can restrict or somethign?

i dont need to worry about administrator at this point (but i would assume i just restrict that one administrator folder for that)

ApSpecialists

One thing comes to mind... Why is it that your admin is leaving security up to you...??? Anyway, there's a security tutorial at mamboforge.net that may help a bit.

I'm not sure how your school's users access your site, but (I'm going on memory here, so I'm not entirely sure ) if they are logging in and authenticating locally and are setup to be a member of a regonized *nix group... You may be able to set an Allow/Deny to bypass that group and force authentication on anyone else not a member.

If they aren't logging in locally, and are just accessing the site normally (just as an Internet user does), there might be no choice except double logins.

Just to be sure, there is quite a bit at apache.org on htaccess, and there are even quite a few htaccess forums that you can Google for it too.

__________________
If I stop learning, close the lid... I'm dead
Mambo Hosting :: iNET Host Services
The Mambo Directory :: MamboVista
Templates :: Mambo-Corporate