: Should I make pages on my website accessible by the admin only? How do I do it? In my website idea I have got a number of pages that should be accessible by the admin only. Is this a
In my website idea I have got a number of pages that should be accessible by the admin only.
Is this a good practice? (amateur alert)
Also how do I protect these pages? I know about
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || ($_SERVER['PHP_AUTH_USER']!='admin') || ($_SERVER['PHP_AUTH_PW']!='password'))
{// The username/password weren't entered so send the authentication headers
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="Admin"');
Is this all I can do?
Also how do I make sure that my website is secure? That is, since I am an amateur, I have this book on PHP and all I have in my PHP script are a few if-else statements and accordingly SQL queries?
Is this how the php script would usually be like or have I just learnt the most basic thing and I'm making use of it more than I should?
More posts by @Lengel546
1 Comments
Sorted by latest first Latest Oldest Best
first of all, do you ave an apache or nginx server ? If so, you can simply protect the directory by a password without the use of a script. A script can be harmfull for protecting an area if you are not used to php and web security.
Keep in mind that your script can be exposed to sql injection, php exploits and alikes.
To answer your question, no, it is not a good practice.
Apache
auth httpd.apache.org/docs/2.0/howto/auth.html
Nginx
wiki.nginx.org/NginxHttpAccessModule
And a lot on stackoverflow and pro webmasters :-)
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.