Hello all-
I am absolutely clueless when it comes to CGI - but I'd like to secure my website and am guessing this is the place to post...
Does anyone know how to create a "default" site login (with a windows login and password prompt in XP)?

If you want to tie the security to Windows usernames, you had best start looking at your IIS configuration.

I believe there is a way in there to turn on authentication, and to note that it should be tied to the NT/domain users. I haven't done this for a while, so you'll have to look around. In any case, this can secure a whole area of your site (or the whole site) without any CGI.

Hope this helps.

-Jim

you need to look into .htaccess files, search on google and you'll find loads of info.
Regards

Originally posted by jimr451
...In any case, this can secure a whole area of your site (or the whole site) without any CGI.
-Jim
Where can I be educated on CGI-less security? Sounds great.
thanks in advance

Well, for IIS (Windows machines) you can look here:

MS Windows 2000 Authentication (http://www.microsoft.com/windows2000/en/server/iis/default.asp?url=/windows2000/en/server/iis/htm/core/iiabasc.htm)

Look under "Basic Authentication"

For Apache, which mostly runs on unix boxes (but can also run on Windows machines) check out this documentation page:

Apache Authorization and Access Control (http://httpd.apache.org/docs-2.0/howto/auth.html)

There's a bit of a learning curve if you've never been exposed to it.

My suggestion would be to check with your Hosting provider, and see if they have any FAQ's, or documentation for customers wanting to use these features. That might get you off and running.

Hope this helps.

-Jim

if your running your own server, or our host allows, then buy a license of cpanel...it has everything needed to secure a site without any fuss.