Hi folks, i am running a website for our band (www.hobsons-choice.net) and i like to implement a few access controlled folders. Is there a smooth way to set up the folders and make them accessible via the website with a proper username pasword mechanism ? Any plug , stacks in or extension available for RW ?
Many thanks
Tom
You could take a look at:
Hi, many thanks for the swift reponse. i looked at the 2 solution. As far as i understood it, their pupose is to protect a site, page or multiple pages. My requirement is a bit different. Example : a page shows multiple folders with content inside (mp3, setlists, contracts etc. ). When accessing the folders, a password or Pin shall be requested to get access. Most ideally but nit mandatory would be a captcha to avoid bruteforcing a simple 4 digit code as used in the Joe Workman solution. So it is more about “folder access control” rather than “site/page access control” … if this makes sense.
Any tip ? Many thanks // tom
Hey @born4blues,
Are you really planning to give visitors access to folders on your server directly? There’s quite a few reasons to not do that, security being a primary one and user friendliness being a major other one.
If you’re going the Sitelok route, you can add the plugin User Files ($20, Vibralogix) to it. This will allow you to set up repositories of files (and subfolders), and set up user groups that can access the repository (and any folders and files in it) as long as their account is valid.
If you withdraw a single user account, only that person will stop having access (and not anyone else). The route of using actual folders, this gets complicated and cumbersome really fast (ask me how I know).
Sitelok + the User Files plugin will also allow you to set up conditions (for example set it up so that some users can write to the folder, while others only read from it), have different users see different folders and files depending on their status (“gold member”, “silver member” etc.).
You could even set up a payment requirement, so that users pay a one off or monthly fee to access the files or folders.
Cheers,
Erwin
Most web hosting control panels have a feature where you can password protect directories/folders. It doesn’t give user level access, nor does it look pretty, but if you just need a simple (and free) solution that will prompt your web visitors to enter a password when they try to access some folders on your website, you might check into this option.
Looks like you are using 1and1 hosting (now IONOS). They have a guide here but they give you the complicated way to do it. There might be an easier option to do it from your web hosting control panel with them. Perhaps contact their support and see.
Hi Erwin, i am struggling a bit this way. I like to avoid to manage the quite large number of files and directories via Rapidweaver. Basically i already set up some directories via Filezilla directly on the server and uploaded some files. Now i want a DOWNLOAD page on the website, which looks at this specific directory/folder, display its content in a kind of explorer view and make the item downloadable. So … i manage the content outside of Rapiweaver and want to use the website only as access model.
Hey hey … well spotted. We use IONOS. Good idea … i´ll have chat with them. But i guess i need to fix my primary use case first … and so far i failed. My idea is to use Joe´s Feeds / FeedsFiles stack to create a explorer type view on a folder, visualise the content and allow to download on click. I failed. Too much PHP stuff which i do not understand. PHP is a strange route anyway. A littel version change and the whole thing stops working. I had this already contact templates using a certain php version. I invested 80 € in stacks … it does not work. Not looking for other ideas. The best would be ONE stack and the only option — the URL to the directory.
Hey @born4blues,
If it’s integrating the fileview into your websites is what you’re after, there are ways to do that. However, they all look ugly IMHO - fonts and colours don’t match for example. There’s also the security (I know, I’m hammering that down, it’s trade deformation I’m afraid).
If you’re willing to throw some more money at it, the combo of User Access ($49, inStacks Software) and Repository 2 ($49, also inStacks Software) offer a more elegant looking solution.
Not as powerful as Sitelok and UserFiles though.
Cheers,
Erwin
Hi Erwin, thx for the hint and tips. repository looks good at first glance and i have a look at the demo project. There are 2 aspects, which raise a few a concern on my side … things i like to avoid. One is the use of PHP … this creates a lot of pre-requisites and dependencies. A while ago i saw contact forms failing after the hoster removed a certain PHP version. The second isssue is the use of cookies. So far. we don´t use cookies and don´t want to.
For more eperimental purposes, i used the hosters web admin tool to create an htaccess file on the single folder i like to protect ( not in the website navigation). This works but after entering the credentials, the file structure is not visible … error message. May be because IONOS by default has no directory listing activated. I contact the support and asked them if this could be the reason. I am wondering if i can use the htacess to control the folder and use repository 2 only to display the content and make files downloadable. Any experience ??
cheers // Tom
Hi @born4blues,
PHP is mostly unavoidable if you’re looking into any kind of integration nowadays. Unless you’re offering a pretty static website that is. Solutions like Sitelok and Repository require PHP to work. Stuff like that can’t be done in plain HTML (and Javascript runs client side, which wouldn’t be secure).
Depending on the type of hosting, you’re either dependant on the hoster for your PHP version or you’re going to have to install and maintain PHP yourself. Both have pros and cons - the latter offers you more flexibility in which version of PHP you’d run, but does mean more time and effort to keep it safe and in the air. The former is pretty much plug-and-play, but you’ll need to keep an eye out for any communication from your hoster regarding PHP.
Luckily both sitelok and Repository come from reputable vendors - they’ll make sure their products will function on the latest versions of PHP, so if your hoster stops supporting one, you can update your website with the latesrt version of those tools and they’ll continue to work. Usually this is free of charge too (that kind of service comes with this price bracket).
As for .htaccess based security in combination Repository: I have no idea if this works. In theory, Repository will just fail when a visitor is trying to look up the content of a folder he hss no rights too, but I don’t know how Repository will fail - a neat error, or a complete failure to load the page… no idea.
You could contact inStacks and ask them - maybe they’ve tried a similar solution before. The person behind inStacks is very knowledgeable and customer friendly, so no worries there.
Keep in mind that using Repository will require PHP 8 or higher, no matter if you use the .htaccess method or a different solution for access rights.
Cheers,
Erwin