|
it
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
passwords in the source?email sessions using our contact forms. I'd like to password protect these files so that if someone happened to get a link to it, they couldn't start passing it all around for anyone to read, and I certainly wouldn't want the link to find its way into a Google search! I've thought about creating a password string that I could hold in the <% [code] %> portion of my .asp pages. Then, if someone tries to open a history file, they are first prompted for a password. If it matches what is in the <% [code] %> section, they get in. I just feel like my password is left out in the clear if I include it as part of the asp code. Is this way ok, or bad? Is there a better way? What is a good, simple way to implement this? If someone knows of an example application somewhere, I'd be happy to see that link.
Show quote
Hide quote
"jp2code" <poojo.com/mail> wrote in message Is this your server or is the site hosted by a third party?news:upnv79CEIHA.4228@TK2MSFTNGP02.phx.gbl... > I've got some files that are not very sensitive. Mostly history files from > email sessions using our contact forms. > > I'd like to password protect these files so that if someone happened to get > a link to it, they couldn't start passing it all around for anyone to read, > and I certainly wouldn't want the link to find its way into a Google search! > > I've thought about creating a password string that I could hold in the <% > [code] %> portion of my .asp pages. Then, if someone tries to open a history > file, they are first prompted for a password. If it matches what is in the > <% [code] %> section, they get in. > > I just feel like my password is left out in the clear if I include it as > part of the asp code. > > Is this way ok, or bad? > > Is there a better way? > > What is a good, simple way to implement this? If someone knows of an example > application somewhere, I'd be happy to see that link. > On your own server it would be a simple matter of just turning off anonymous access and turning on Windows Integrated security. -- Anthony Jones - MVP ASP/ASP.NET No, it is a hosted site. The server is not mine.
Show quoteHide quote "Anthony Jones" wrote: > Is this your server or is the site hosted by a third party? jp2code wrote on 16 okt 2007 in microsoft.public.inetserver.asp.general:
Show quoteHide quote > I've got some files that are not very sensitive. Mostly history files <META NAME="robots" CONTENT="noindex,nofollow">> from email sessions using our contact forms. > > I'd like to password protect these files so that if someone happened > to get a link to it, they couldn't start passing it all around for > anyone to read, and I certainly wouldn't want the link to find its way > into a Google search! > > I've thought about creating a password string that I could hold in the > <% [code] %> portion of my .asp pages. Then, if someone tries to open > a history file, they are first prompted for a password. If it matches > what is in the <% [code] %> section, they get in. > > I just feel like my password is left out in the clear if I include it > as part of the asp code. > > Is this way ok, or bad? > > Is there a better way? > > What is a good, simple way to implement this? If someone knows of an > example application somewhere, I'd be happy to see that link. <body> <% if request.form("pw") = "blahblah" then session("ok")="ok" end if if session("ok")="" then %> <form method='post'> You are out! Try to get in.<br> <input type='password' name='pw'> password<br> <input type='submit'> </form> </body> <% response.end end if %> You are in! </body> -- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress) I modified your code just a little, but that worked great!
Special thanks for the meta tag! I never would have thought to look there. Thanks a lot! Show quoteHide quote "Evertjan." wrote: > <META NAME="robots" CONTENT="noindex,nofollow"> > <body> > <% > if request.form("pw") = "blahblah" then > session("ok")="ok" > end if > if session("ok")="" then > %> > <form method='post'> > You are out! Try to get in.<br> > <input type='password' name='pw'> password<br> > <input type='submit'> > </form> > </body> > <% > response.end > end if > %> > > You are in! > </body> Gazing into my crystal ball I observed "jp2code" <poojo.com/mail> You should also use robots.txt (Google for it). Understand that writing in news:OdiOnsMEIHA.5324@TK2MSFTNGP02.phx.gbl: > I modified your code just a little, but that worked great! > > Special thanks for the meta tag! I never would have thought to look > there. > misbehaving robots may not follow directives, so it IS a very good idea to check server side. You can also do something like: <a href="http://www.example.com" rel="noindex, nofollow">Some offsite URL I want to give to my visitors, but don't want robots to follow</a> Google and Slurp follow the above directive as well as robots.txt and meta. Show quoteHide quote > > "Evertjan." wrote: >> <META NAME="robots" CONTENT="noindex,nofollow"> >> <body> >> <% >> if request.form("pw") = "blahblah" then >> session("ok")="ok" >> end if >> if session("ok")="" then >> %> >> <form method='post'> >> You are out! Try to get in.<br> >> <input type='password' name='pw'> password<br> >> <input type='submit'> >> </form> >> </body> >> <% >> response.end >> end if >> %> >> >> You are in! >> </body> > > -- Adrienne Boswell at Home Arbpen Web Site Design Services http://www.cavalcade-of-coding.info Please respond to the group so others can share Thanks! I have implemented that as well.
Show quoteHide quote "Adrienne Boswell" wrote: > You should also use robots.txt (Google for it). Understand that > misbehaving robots may not follow directives, so it IS a very good idea > to check server side. You can also do something like: > > <a href="http://www.example.com" rel="noindex, nofollow">Some offsite > URL I want to give to my visitors, but don't want robots to follow</a> > > Google and Slurp follow the above directive as well as robots.txt and > meta.  
Other interesting topics
How to open a file on the clients local hard drive from within ASP
Generate email when I click button? HTTP 401.1 error when using IP address... ASP Page, Access Base, PARAMETER not send !!! Page continuously refreshs PLEASE HELP! Getting Error -214746259 Creating a variable name as the value of another variable. Link checker in ASP variable asp include How to play .vox file in asp page |
|||||||||||||||||||||||
