if you force a check of login credentials on every page, then it doesn't
matter if someone bookmarks your admin pages.
They will still be forced to login.
As for search engines, they probably wouldn't be able to parse protected
pages. But you can intercept the Agent name, and if it's not a browser,
send them to a page specifically created for search engines... that would
still allow your site to be processed by the search engines, yet maintain
your security.
hth
Shawn Grover
-----Original Message-----
From: CFHelp [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 10, 2001 9:34 AM
To: CF-Talk
Subject: RE: Securty
This sounds great thanks.
But what do I set in cfapplication to prevent someone from bookmarking
the pages or let's say a search engine picks up a page in my admin
section.
Will the cfaplication check to see that they actually logged in?
-----Original Message-----
From: CFHelp [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 09, 2001 1:18 PM
To: CF-Talk
Subject: Securty
I have an admin section on a few sites and was wondering what the best
way to handle security is. Would I run a session using a cookie to
timeout the login? Do I use CFApplication? The administrators need to be
able to login from anywhere.
What are the ways the CFGods wish it be done?
Rick Eidson
Owner
http://www.kchost.net/
KChost is getting ready to launch it's enews service
Now you can moderate your own affordable newsletter
Promote you products and services even sell advertising. Plans start at
$5 a month for 500 emails. FREE Trial account.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
