: How to wrap up and protect project under development My company is working on a new web app and it's website is developed by outsourced company (let's say under beta.mydomain.com). Of course

My company is working on a new web app and it's website is developed by outsourced company (let's say under beta.mydomain.com). Of course this site has some user-management mechanisms, but there are huge part of front-end, that are meant to be visible to even not-logged user.

Lately this beta site was leaked. What is the best way to protect that website while it is being under development? My goal is to protect that page/domain (i.e. via password) with lowest possible ingerention in the outsourced website's code (because it's still under dev).

I was thinking about some kind of wrapper-page (with logging mechanisms) and .htaccess file that would check for redirection from that wrapper, but I wanted to ask first what is your experience in that matter? How can I achieve that?

10.03% popularity Vote Up Vote Down

: Content scrapers are external robots that copy contents of any website to their own server.

@Annie201

0 Comments

: How to get an overview of external links on a website in the shell? I want to get an overview of external links on my websites. Ideally I want to control everything myself with open source

@Annie201

Posted in: #Links

1 Comments

: Do you have "Show Hidden Files" option enabled? By default WinSCP comes with the option "Show Hidden Files" set to true. but sometimes it comes with this option disabled. To activate this option

@Annie201

0 Comments

: Google Analytics debugging steps/tools? (after 99% traffic reporting drop) I run a very large web community (3M+ views/mo) and a few months ago Google Analytics began reporting a 99% decrease

@Annie201

Posted in: #GoogleAnalytics

2 Comments

Login to post a comment!

3 Comments

Sorted by latest first Latest Oldest Best

@Murray432

Use HTTP Authentication. When visiting the page people would be prompted with a login box. If they log in the site works as expected, if they don't have valid login credentials they get a "401 - Unauthorized" error and nothing else.

You don't have to change your website code of anything for this. It can be enabled from your hosting control panel, of from your .htaccess file.

10% popularity Vote Up Vote Down

@Sent6035632

If the beta has an admin side, or even accounts in general, just use those. Don't render the site unless they are logged in as an admin or a dev. This would also prevent it from being crawled since bots wouldn't be logged in.

10% popularity Vote Up Vote Down

@Annie201

Well the best and quickest way of doing this, and I think it's the more plausible as well is to restrict access for every IP Address and only allow your own IP Address to have access to the website.
This can be done via htaccess, by adding this rule:

order deny,allow
deny from all
allow from 111.222.333.444

Later if you need to allow more than one IP Address, just add below another Addresses

allow from 000.222.000.444

10% popularity Vote Up Vote Down

Feed

: How to wrap up and protect project under development My company is working on a new web app and it's website is developed by outsourced company (let's say under beta.mydomain.com). Of course

More posts by @Annie201

: Content scrapers are external robots that copy contents of any website to their own server.

: How to get an overview of external links on a website in the shell? I want to get an overview of external links on my websites. Ideally I want to control everything myself with open source

: Do you have "Show Hidden Files" option enabled? By default WinSCP comes with the option "Show Hidden Files" set to true. but sometimes it comes with this option disabled. To activate this option

: Google Analytics debugging steps/tools? (after 99% traffic reporting drop) I run a very large web community (3M+ views/mo) and a few months ago Google Analytics began reporting a 99% decrease

Login to post a comment!

3 Comments

Back to top | Use Dark Theme