Securing a directory???

Anon

I know that if you use .htaccess files through the web server itself, you can secure a directory and all its files from being access by unauthorized users. ie force them to use a username and a password to access any file in the directory you have placed the .htaccess file. This is not preferable of course because the browser will send passwords in plain text.

I also know using something like PHPLIB, you can secure a page by calling the correct classes on a page open call. This is preferable in my mind especially if you use the javascript encryption routines in PHPLIB to avoid the sending of passwords in plain text for an individual page.

But is there something you can do in between, that can secure the actual files and prevent their access directly from a URL?

I would be curious to hear how others have handled this issue, and prefereably with php.

Is there a way to secure a whole directory using PHP without having to add the auth routines to each and every file as you would with something like PHP so one would not have to use something like the .htaccess method which then sends all passwords across the net in plain text.

Any help or suggestions, always greatly appreciated. Thanks is advance.

Alan

junebug

an easy way to prevent users from accessing files very url, store all the files in a non web accessable directory. instead of storing them in the directory '/usr/home/www/docs' store them in the directory '/usr/home/docs'. then use a little script that the user can access from the web that will include the content on the page. this way, the actual file will be unaccessable from the web.