I hope someone knows how to setup a web site that you must login to see the site information contents.

I haven't had a site that didn't where are you building one ? And if it lets you click & manage it's probably got a cookie to log you in.

Do you plan on having one general username and password for everyone, or unique usernames and passwords? If you are going to use unique usernames and passwords you will have to use a database. What code does your server support? Coldfusion, PHP, ASP? I can help you set up a password protected site with coldfusion if it is supported.

My servor support PHP and ASP only.

Where are you hosting this site, are you hosing it on your own server or someone else's, what server software are you using?

The reason i ask is because if your server supports htaccess then its your problem solved, if your hosting your site with another company then email them and ask them if they support that form of password authentication

If they do suppot htaccess then do a search on google and you'll find loads of help files to guide you through

James

Check out "dynamicDrive.com" or "javascriptkit.com" for javascript password protection. These can't be hacked by "view source". I personally use "GateKeeper" from javascriptkit.com for my site.

Be careful with Gatekeeper or any other javascript protection. You can disable javascript in your browser.

Also, once someone accesses the page, all they need to do is bookmark it and they will be able to get in directly.

If you use frontpage, you can password protect an entire web folder. I don't think there's a problem with the bookmark thing.

I'm not the smartest turnip in this patch but I cannot find anywhere to disable "javascript" in the browser. Java yes but not javascript. The two are totally different. Unless your're posting some kind of "top secret" information in your site the javascript will keep out 99.99 percent of viewers. Would you also direct me how to disable "javascript" in my browser? I'm using IE 6.0

Tools > Internet Options > Security > Custom Level:

Active Scripting > Disable
Allow paste options via script > Disable

You can also view source when javascript is protecting the html or code.

That would be great if we were talking about Active X scripting but we're talking about javascript. GateKeeper does allow you to see the scripting under "view source" but not the password. If that is a concern you can use the "javascript.src=xxx command and the code never leaves the server. It is impossible for anyone, except the people who own the server, to see the code. All you will see is "javascript.srcxxx ---end script". Since Yahoo and Microsoft have both been hacked I really don't think anything we amatures can do will keep a dedicated hacker from seeing "Aunt Mary's" Christmas photos.

ut1205,

You are looking at ActiveX, not javascript. Scroll down further.

Website security is a serious issue. It doesn't really matter if he is protecting "Aunt Mary's Photo's". All I can say is Gatekeeper is horrible for site protection, unless you really don't care about what is being protected.

I would recommend server-side authentication.

As I said in an earlier post my site is protected by GateKeeper. Go to "Geocities.com/ut1205" and hack my site to prove your point. You will be prompted for a password on the third page. If you use your suggestion you will never get to that page. Post back here three or four lines of text from the page past the password page and I will agree in the next post that "GateKeeper" is not a good security measure for the "computer savy"

Woot! Man, I love it when the gloves come off. Too bad I know nothing about hacking/cracking or whatever it's called. I couldn't hack myself out of a wet paper bag. :D I'll have to settle for seeing how this one plays out.

Sorry I didn't get back to you sooner. My wife and I are expecting our first baby Nov. 20th and we were at birthing classes.

Site to be hacked (http://geocities.com/ut1205)

Password: farmframe

I can post the cute picture of your kitty if you wish.

Sorry, my friend. It's just not good protection

Screenshot (http://www.guideshop.com/hacked.jpg)

I stand corrected. I'll have to agree with you.

I use Webgate. I think it's on www.dynamicdrive.com or www.javascript.com