Password Protection Guide
If your site was activated after February 28, 2008 and you are hosted on Windows 2008 you can use ASP.NET Forms authentication. You can find details and a sample here.
The Password Protection feature offered by myhosting.com uses a file called "dafauth.ini" to protect web pages. This file is a plain text file that lists the allowed and rejected users for any file or folder in the folder it is placed in. For example, you can place the "dafauth.ini" file in a "members" folder, restricting access to those pages to only those who are members of your group. This document will give you some instructions on how to create the dafauth.ini file.
Now that the password protection for your hosting account has been enabled you will need to setup your Users, and User Groups, as well as creating your DAFAUTH.INI files. This may seem very difficult but it's actually quite easy.
Creating Users & User Groups
You will need to log into your control panel for your site to setup your users and user groups.
- Go to https://support.myhosting.com and log in.
- Once you are logged in go to the UPGRADES AND ACCOUNT OPTIONS section and click on the link for "Password Protection Management".
- To create a user you will need to click the ADD USER link
- Enter a username, password and the name of the group that you want the user to belong to and then press the ADD button.
- Repeat this process for all the users that you want to create. Remember a user can
only belong to one group.
Creating DAFAUTH.INI files
Now that you've created the users and groups you need to create the dafauth.ini files for the files that you want protected.
For this example lets say that you created 3 users (Bob, Jim, and Amy). You also created three user groups (sales, marketing, and management). Bob is a member of the sales group, Jim is in marketing, and Amy is in management.
Now lets say that on your site you have 2 files in the root of your site that you want to protect (salesdata.htm, and marketinginfo.htm). Now you want to allow Bob to be able to view the salesdata.htm file but not the marketinginfo.htm file, and Jim to be able to view the marketinginfo.htm file but not the salesdata.htm file. Since Amy is in the management group she should be able to view both files. To accomplish this setup you need to create a dafauth.ini file in MS Notepad with the following code.
[salesdata.htm]
sales = enable
marketing = disable
management = enable
default = disable
[Directory]
everybody = enable
[marketinginfo.htm]
sales = disable
marketing = enable
management = enable
default = disable
Save the file as dafauth.ini and upload the file to the folder where the salesdata.htm and marketinginfo.htm files are located.
Notice that for the salesdata.htm file that the sales group and the management group are enabled and marketing is disabled. For the marketinginfor.htm file the sales group is disabled and the marketing and management groups are enabled.
For every folder that contains files that you want to protect you need to create a separate dafauth.ini file. If a file is not listed in the dafauth.ini file then all users will be able to access the file without needing to use a password.
Password Protecting Your Site
If all you want to do is prevent anyone from accessing you website without using a login you created all you need to do is create one user, one password, and one group.
Create a user such as MyUser with a password and make that user belong to a group named SiteAccess. Now open up MS Notepad or any text editor and create a dafauth.ini file with the following code.
[Directory]
SiteAccess = enable
Save the file as dafauth.ini and upload the file to you site. The dafauth.ini file should be in the same location as your index.html, index.htm, or index.asp file.
DAFAUTH.INI Details
The dafauth.ini file is a plain text file. When creating this file, please make sure that if you use a program like Microsoft Word or WordPerfect, that you save the file as a "Plain Text" or "MS-DOS Text" file. Do not save this file as a Word document or any other special format as the Password Protection system will not be able to interpret those files.
The content of a dafauth.ini file is just a listing of a file or folder, and who has access to it and who should be rejected access to it. It should be laid out as follows:
[file, folder or section]
<entry>=enable or disable
<entry>=enable or disable
<entry>=enable or disable
[file, folder or section]
<entry>=enable or disable
<entry>=enable or disable
[file, folder or section] should be replaced with any of the following:
Section |
Description |
[PreAuthentication] |
This section is read first, before any other section. |
[Directory] |
This section defines the default permission for every file in the directory for which no specific permission is defined in DAFAUTH.INI. |
[<file name>] |
This section defines permission for the file <file name>. |
<entry> can be any of the following:
Section |
Description |
<Group name> |
Any password protected groups that you've defined in the password protected user list in the Control Panel. |
<username> |
A specific user that you have defined in the password protected user list in the Control Panel. |
Everybody |
All Web users. |
Anonymous |
Anonymous Web user. |
Authenticated |
Authenticated Web user. |
Default |
Last entry called for the current section. |
The Password Protection feature follows the following rules:
- If there IS NO DAFAUTH.INI file in the directory:
- Access is GRANTED for every request for every group.
- If there IS a DAFAUTH.INI file in the directory:
- The search stops after the first explicit right (enable or disable) was found.
- The order in which sections and entries are written in DAFAUTH.INI does not make any difference.
- If no explicit right (enable or disable) is found, access is denied.
If there is a DAFAUTH.INI file, it will prioritize the authentication procedure in the following order:
- Section [PreAuthentication].
- Section [<file requested by the Web user>] (the long file name must be used).
- Section [Directory].
For each section, entries are sought in the following order:
- Everybody
- Anonymous
- Authenticated
- Groups which belong to the Web user
- Web user login
- NTAccount or password protected Account
- Default
Sample DAFAUTH.INI Files
To give you an idea of how this works, here are some sample DAFAUTH.INI files. Do not use these DAFAUTH.INI samples as they are intended to illustrate how to create your own and will likely not work with the sample usernames that they use.
Sample 1
You have a public directory where you want everyone to be able to access all the pages, except for news.htm, which you only want people who authenticate themselves and belong to the Password Protected group "grp1".
begin file DAFAUTH.INI
[NEWS.HTM]
grp1 = enable
default = disable
[Directory]
everybody = enable
end file DAFAUTH.INI
Sample 2
You have a folder where anyone can access news.htm, however all other webpages are restricted to people who authenticate themselves and belong to the Password Protect group "grp1".
begin file DAFAUTH.INI
[NEWS.HTM]
everybody = enable
[Directory]
grp1 = enable
end file DAFAUTH.INI
Sample 3
You have a folder which you want to give access to all authenticated users, but do not want to allow anonymous access.
begin file DAFAUTH.INI
[PreAuthentication]
Anonymous = disable
Authenticated = enable
end file DAFAUTH.INI
Sample 4
You want to password protect a folder so that any anonymous user can access it, however all authenticated users cannot.
begin file DAFAUTH.INI
[PreAuthentication]
Anonymous = enable
end file DAFAUTH.INI
Sample 5
In this folder, you want to allow anonymous access only to the register.htm file. All remaining files can be accessed by the group "members" except for hold.htm, which can only be accessed by those in the group "goldgrp".
begin file DAFAUTH.INI
[register.htm]
everybody = enable
[gold.htm]
goldgrp = enable
[Directory]
members = enable
end file DAFAUTH.INI