Protected webserver folders

Private directories on websites

file: hh4IonosProtDir.htm

What you are reading is a page I put "on the internet".

That "I" is quite literal. I have help from an excellent commercial service... they take care of the messy bits for me... but what you see here is the creation of a single individual with a text editor (Textpad), and an FTP client (Filezilla) to upload my creations to my rented server space. Nothing fancy.

The idea of my pages is to help and inspire other individuals. I've been able to do it. You can too. If you are working towards having skills someone will pay you for, so much the better, but I am not a department of Google in some far off tech zone.

Today the topic is "Protected Directories".

When I opened with "what you are reading is a page I put "on the internet", it was to set the stage for the following...

There are many ways to put things on the internet. Some of the things people put there are meant for a wide audience. Others are not supposed to be accessible to just anyone.

(A simple, effective "solution" is to put "it"... be it text or images... in a .pdf, and save that .pdf with a password. Easy if you use Libre Office or Open Office... but that's another story!)

One way to have restricted-access material on the internet is to use protected folders.

If you try to access http://sheepdogsoftware.co.uk/ProtFolder/FirstProtected.htm, you will get an authentication dialog... you will be asked for Username and Password.

That would be the credentials for that directory ("ProtFolder"). People who can supply them can look at pages in it, e.g. FirstProtected.htm

Simple! (To use!)

The Ionos way

From here, my notes here are highly specific. They discuss how Ionos customers can create a protected directory on the webserver managed for them by Ionos. (Ionos: "1 and 1" before 2019.)

From the main, "overview" page for your service from Ionos, go into "Domains and SSL". There's no need to specify a domain at this point. Put "Protected dir" into the search bar at the top of the page, and "Protected directories" should pop up. Click on that.

If you've never had any protected directories, the first step is to set up one or more Users. (Even if you've never had protected directories, you will find one user on the page. Don't mess with that! It is to do with using the Ionos service!)

The "set up users/ protected directories" page is pretty self explanatory, I hope. The page you are reading is mostly to alert you to what is available to you.

Each user will have a password, and will be granted access to one or more directories on one or another of any domains you have under the contract you logged into.

If you already have a protected directory set up it will have at least one user. You will be able to see the user's name here. (It is case sensitive, by the way). But you cannot see an existing password. If you've lost the password, you can set a new one. I know of no way to recover an old password.

BEWARE: The process of changing a password may cause the directory's .htaccess file to be over-written. I'm not sure that other things in it will be preserved along the way. ("Other things"? "Page not found" redirection is handled by entries in the directory's .htaccess file, for example.)

There was a good FAQ about creating, using protected directories on the Ionos site, but they changed the URL. You'll have to find it for yourself. Sorry.

In theory, there can be a lag of as much as 30 minutes between the setup of a new protected directory and it being protected. During that time, you may be able to access files in the directory without having to authenticate yourself. If testing to see if protected yet, be sure to press f5 (or ctrl-f5) to get fresh read of page, not just what is in cache!

Once you think you have a protected directory, e.g. ProtFolder, put something in it, e.g. TryMe.htm, and then try to access THE FILE, e.g. request "http://YourURL/ProtFldr/TryMe.htm".

You should be asked to authenticate yourself.

The bad news

Protected directories are a great answer to some wants. But they aren't perfect.

The "security" is pretty limited: If you don't close the browser to de-authenticate yourself after using the material in the protected directory, anyone sitting down at the machine in question can go back into the folder, just by entering the URL... which they can find in the "history" log.

Implementing reliable authentication auto-time-out seemed difficult when I looked into it. And it used on kludges... due to how authentication done. (See.. http://stackoverflow.com/questions/449788/http-authentication-logout-via-php .. and... http://www.ssi-developer.net/htaccess/htaccess_logout.shtml if you want to investigate further.

I hope that was useful?

The general idea of these pages is it make it easier for you to do something fun... or at least useful. I hope this one achieved that? Your thoughts and anecdotes would be welcome. Please mention the page's filename (-hh4IonosProtDir.htm) in your email.

If you found this of interest, please mention in forums, give it a Facebook "like" or "share"? I've almost given up writing these pages, because it seems they are seldom read, and of course not every reader will use them... so... is there any point? If you want more of this stuff, help!?

   Search this site                 powered by FreeFind
Site Map    What's New    Search

Click here to visit my main homepage where you can explore other areas, such as education, programming, investing.

More material like this is available from my HELPFUL HINTS HOMEPAGE.

Valid HTML 4.01 Transitional Tested for compliance with INDUSTRY (not MS-only) standards, using the free, publicly accessible validator at validator.w3.org. Mostly passes.

Also tested for and passes... Valid CSS!

Why does this page cause a script to run? Because of the Google panels, and the code for the search button. Also, I have my web-traffic monitored for me by eXTReMe tracker. They offer a free tracker. If you want to try one, check out their site. Why do I mention the script? Be sure you know all you need to about spyware.

....... P a g e . . . E n d s .....