Results 1 to 5 of 5

Thread: Password Protecting a site...

  1. 04-24-2006, 05:55 PM #1
    TnT
    Guest

    I Wonder? Password Protecting a site...

    Ok, I've read up on the need to password protect anything "hardcore" so I've looked into how to do it.

    I've read up on .htpasswd (which my server does support) and how it basically works, but as I am NEW at this whole thing, I don't grasp how I can get it to automate itself to allow new users. It just sort of "pops up" and asks for username and password, there's no where for some one to register.

    I got it to allow me, but I did it throught my server. Are there any better "free" programs or ways to password protect or create "member sign in" page using .htpasswd?

    ....In english?.....
    Reply With Quote Reply With Quote

  2. 04-24-2006, 07:12 PM #2
    gaybucks_chip
    gaybucks_chip is offline
    On the other hand.... You have different fingers
    Join Date
    Feb 2004
    Location
    San Francisco
    Posts
    3,548
    You're talking about member/password management. If you're using a biller like ccbill, they can handle the password management for you. If not, there are a bunch of free or inexpensive scripts that will do it (check freshmeat.net and/or sourceforge.net)

    But... if you're unfamiliar with what you're doing, I would also highly recommend getting somebody on an as-needed consulting basis to be able to do stuff like that for you, because there are a lot of other issues related to site security, password hacking, etc that you need to think about.
    Reply With Quote Reply With Quote

  3. 04-24-2006, 09:36 PM #3
    raymor
    Guest
    As mentioned you'll generally need to bill the users and for that you'll use a
    service like CCBill.com. They will provide a very basic script to add and
    remove users as they are billed. Their script is pretty low security, though,
    and it can be made more secure free or almost free - anyone with some basic
    programming experience can do it or we charge $20. The free way of improving
    the security has to do with the encryption it uses, which is very weak, and the
    weak passwords. These modifications are most easily done ion the beginning,
    before your site has any members. This page explains more about stronger
    passwords and stronger encryption:
    http://bettercgi.com/strongbox/passgen/

    Eventually your passwords will get posted on password sites, where potentially
    thousands of people will use the same user name and password, costing you
    money in hosting bills. You'll also have people using software to try hundreds of
    thousands of username / password combinations until they find one that works.
    Whenever your budget allows for $100 to protect against those threats you can
    get the Strongbox security system to protect your site:
    http://bettercgi.com/strongbox/
    Reply With Quote Reply With Quote

  4. 04-25-2006, 11:12 AM #4
    TnT
    Guest

    Thank you for your replys!

    Thank you gus for your replies, I am learning quite a lot!

    CCBill is great, but I'm not at the billing stage yet.

    Should I set up as a billing site, even though I'm not yet ready to charge? I was thinking more along the lines of a free members area (join here for free!) and then setting up for a paid members area later.. Is that possible?
    Reply With Quote Reply With Quote

  5. 04-25-2006, 11:43 AM #5
    raymor
    Guest
    Quote Originally Posted by TnT
    Ok, I've read up on the need to password protect anything "hardcore" so I've looked into how to do it.
    ...
    I was thinking more along the lines of a free members area (join here for free!) and then setting up for a paid members area later.. Is that possible?
    Though it's certainly possible (I've written the sofware to do so), there's not much
    reason to do so. The reason people say you need to password protect hardcore
    and indeed softcore as well is because it legally shows an effort to make sure the
    user is over 18. The idea being that people under 18 normally don't have credit cards.
    As I recall US law specifically provides for this defense, saying that by requiring a
    credit card you're doing your duty to keep the material away from minors.
    Of course statutes (laws) in this area change frequently so that may well not be
    a current statutue, but even if it's not a current statute it's a good argument to
    use in front of a jury. If you don't charge a credit card you don't have the benefit,
    so why would you require a password that you give them for free anyway?

    What may suit your needs is an AVS. They charge the customer
    a minimal amount for access to thousands of sites in the network. The classic
    AVS model is to charge customers $20-$25 per year, though many of the AVS
    systems have gone way up on their pricing, more like $25 / month. That's still
    a pretty good deal for access to a quarter million sites. You get the
    advantage of being able to say that ou're doing something to keep minors out,
    while the customer pays very little to get in to not only your site but also maybe
    50,000 other sites. You also get paid for each member who joins the AVS
    after being referred from your site. Some AVS systems to check out include:
    http://www.adultverifier.com/av/regs...sitenumber=115
    http://aux.avsofchoice.com/wmtour/?refwm=3203536
    http://netverifier.com/getpaid.asp?siteid=9586
    http://www2.adultsights.com/wmsignup.cfm?site=st60388

    PS - The more I think about it the more I think the "credit card as proof of age"
    law / regulation was repealed or never quite passed, but anyway it's a good
    arguemnt for a jury to hear.
    Reply With Quote Reply With Quote

« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules