vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Restrict Access to a Directory (https://vborg.vbsupport.ru/showthread.php?t=242939)

russellw 05-20-2010 02:53 AM
Restrict Access to a Directory
 
Good afternoon

We have a large repository of technical data in HTML format that is currently accessed via a private forum accessible by a single group of users (numbering about 250).

The directory format all the files are stored in is /html/dir/subdirs and there are several hundred files in those sub directories.

If the URL is known they can be accessed by anyone but we need to restrict them to the chosen user group only.

I've read about the various access control methods discussed here but they all rely on code inside the html page (those that support html) whereas I am really looking for authentication at the directory level.

Is it at all feasible?

Obviously we don't want to use a secondary login for access so as far as I can see use of .htaccess is ruled out - although there wouldn't be any objection to the user having to authenticate with their vb user name and password if that was the only viable option.

We originally had these docs in jpg form and controlled access via the vb integration with Photopost but they were too hard to use in that form. We had also tried adding them inside vbPortal which we use as our CMS but the restriction by user group works very poorly in that product.

Any help appreciated.

Cheers
Russ

Marco van Herwaarden 05-24-2010 02:35 AM
As these are simple webpages any access control will need to be done on the level of the webserver (apache/?). So i doubt you can get away without using a .htaccess. I am not aware of any modification that will (automatic) restrict standard webpages based on vBulletin user(group)s.

You could however obfuscate the pages by making the directory not indexable and add something random to the filename/path. Only those with access to a thread in which these URL's are posted would have access. But that only works until someone shares them with others, so not much bulletproof.


All times are GMT. The time now is 05:07 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01645 seconds
  • Memory Usage 1,706KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (2)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete