Why not make 2 passwords. One that does a check with the webserver when they
first enter the site, then the other one for all the pages. The first
password could just be something default, just so they can get to the point
where they can put in the rest of thier information. Only thing I can think
of.
Bob Everland
-----Original Message-----
From: Wey Hueymeei [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 25, 2000 10:08 AM
To: [EMAIL PROTECTED]
Subject: Directory Security
Hello,
We have a security system built in application.cfm, which disallow users to
access our site without providing valid username and password.
ie. when a user put URL on the location bar, if he has not logged in, he
would be redirected to the login page first before seeing the actual page.
But we just have a security problem with the system: There is a directory
for users to upload files. If the file is not in CFM format, it seems like
that the application.cfm cannot do security check. Therefore, if the person
knows the URL, he could see the page without logging into the system.
Could anybody help?
thanks in advance,
Hueymeei
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
