Folder Security

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
cfouillard
Forum Newbie
Posts: 1
Joined: Mon Apr 30, 2007 2:55 pm

Folder Security

Post by cfouillard »

Is it possible to secure a folder and only allow people of a certain rank, such as the administrator to access it? I'd rather not have someone access my sites admin pages by just typing in http://www.meandmysite.com/admin or something. If this isn't possible, is there some way of denying access to non-admin types?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Yes, it's generally possible. The secure solution, however, is not so simple.

On the basic level, it is recommended that you have the user log in again when transitioning to a high security level. Regenerating the session also should be done.
Post Reply