Hey,

I have a site with a few files,but to save bandwith I would like to make a members area to allow exclusive people to access the members section and gail access to the larger files.I was trying to find something like most adult sites use that ban after to many ip's login to the same account ect..,I heard this was possible using .htaccess and .htpassword or something to set the respective username & password for each account.Does anyone know anything similar that I can use that gives good members control and secure multi Ip login??? Any help is greatly appreciated!

Regards

Mick

.htaccess is your safest bet, as it is probably the most secure form of password protection. However, unless someone else knows a rewrite code I haven't heard of, I don't think .htaccess can stop members (or visitors who know the username and password) from accessing the pages it protects the way you want.

If you MUST you will need to use a php or other server-side code to only allow X number of people in at a time.

However if you just want a "members area" you can use .htaccess and .htpasswd files.

Simple open notepad (or other PLAIN text editor) and type the following:



# Begin password protection #
AuthName "Please enter your username and password"
Require valid-user
AuthUserFile /path/to/root/.htpasswd
AuthType basic
# End password protection #


here, the "path/to/root/.htpasswd" needs to be changed. The SAFEST bet is to place this OUTSIDE your root folder (the folder where all your webpages are). This folder is usually called /public_html/ or /htdocs/ etc.

for example on my server the path is /home/usr/public_html/ so I would use:

/home/usr/.htpassword

once that is done, save as .htaccess (do NOT forget the dot at the begining)

Sometimes notepad will save as .htaccess.txt if this happens besure you REMOVE the .txt part after you upload it.

Now upload it to your folder that you want only the members to have access to.

Next is to create the .htpasswd file.

You will again use notepad. You will have to have a username and a password ready, then visit This link (http://tips-scripts.com) OR DD's link (http://tools.dynamicdrive.com/password/)

Personally I use the first one, but there (on the right hand bar half way down) you can only do one at a time. With DD's script you can do multiple passwords.

Either way when you are done you will have a string for each name that will be halfway encrypted (as ONLY the passwords are encrypted.

So, if I encrypted username BLiZZaRD password dynamic my string would look like:

BLiZZaRD:hsy7HE9LWNDFjni327af.

copy and paste this WHOLE string into the .htpasswd file, only ONE per line and NOTHING else in the file.

Once all are done, save as .htpasswd (again remove the .txt if it is there) and upload it OUTSIDE your root folder.

Meaning when you upload and are looking at your server files you should see your root folder AND the .htpasswd on the same page.

Then you are done.

If this isn't what you need then again you will have to go with php, which is fine in itself, but is much less secure.