[Previous] [Next] [Index]
[Thread]
Re: FTP Security
->
-> Hello forks.
->
-> I'm currently making WWW Page for our project team.
-> I'd installed all required stuffs for the service but there is
-> a problem which I have no idea how to deal.
->
-> As you know when a browser requsts ftp service to a server, the default
-> user id is set to anonymous. But I don't want to install anonymous
-> service for my system and let the browser access my service using some
-> user id so that confidential documents are not revealed to others.
->
-> I know how to restrict some directoris using .htaccess file but
-> even after some user succeeded the user identification the ftp
-> access is only under anonymous.
->
-> I tried some thing like this; http://user:passwd@host/directory/file
-> but this scheme shows the user and password via browser which is not
-> recommended by NCSA and my team members(they will kill me! :)).
Netscape doesn't have this restriction. You can specify
http://user@host/directory/file
and it will prompt you for a password in a different style dialogue
box than the normal authentication box. I was appalled to learn that
all other browsers don't understand this convention, and if fact _we_
are going to have to implement something similar since we're changing
the CIO ftp system for Cisco.
I just wish all browsers did the FTP protocol correctly.
--John
Follow-Ups:
References: