Password protected web content-- basic question

Question

I'm looking to create a password-protected section of my website that requires user login, and I'm wondering what approach would provide the simplest solution. For the most part, the site will be very simple and static-- i.e. no real requirement for a database/backend-- with the protected content contained in a single directory, which I've already configured on my server via htaccess. I guess I'm wondering ultimately if it's possible to use a script of some sort that will enable access to this protected directory via a form and thereby bypass the need for configuring a mySQL/PHP solution? Furthermore, this protected content is not exactly hyper-sensitive, but private nonetheless.

Thanks much for any direction here.

Answer 1

You could write some PHP script for delegating the web server to forward files after your customised authentication.

You may need to install mod_xsendfile for Apache and use X-Sendfile. For Nginx, just use X-Accel-Redirect.

I think it is not common, but for some reasons, it can be useful.

https://www.nginx.com/resources/wiki/start/topics/examples/x-accel/ https://tn123.org/mod_xsendfile/

---

It's too old question! I didn't noticed the date since I'm still new to this site. Sorry for bothering.

Answer 2

In your situation, I would set up an ordinary (public) HTML page that is the "entry" page to your protected content. It would describe what it is and how to log in (or whatever), and provide an ordinary link to log in. That link would go to the directory you've password protected, which would bring up a browser popup box requesting username and password.

This scheme is about 99% of the functionality of a login form, with about 1% of the hassle.