Replies are listed 'Best First'. By (Scribe) on Sep 28, 2018 at 08:08 UTC 'storing your passwords.txt in /tmp isn't wise' I move it to /etc/httpd/password.txt 'You don't set a session' how to set a session? Pls guide me. I will add it. 'see CGI::Alternatives.' What Can I get from it to enhance the code?

List types include usernames, passwords, URLs, sensitive data patterns.

I am runnig Apache with http. If run it with httpS and self signed certificate, Will it be better? I am also trying to add 'onclick'funtion to my below login.html file to a give error message, if wrong inputs were entered. I am currently having them in login.cgi code. Which way is better?

I am some miles away from completing a nice and secure code. I hope perl monks will come up with their views. By (Archbishop) on Sep 28, 2018 at 12:13 UTC 'I move it to /etc/httpd/password.txt' Also consider permissions, who else can get access to this file?

I tend to keep this sort of thing in a database. 'What Can I get from it to enhance the code?' Well it contains a lot of advice which you shouldn't ignore, examples of sane ways to approach such problems in modern frameworks. Pdf avtech 4ch mpeg4 dvr manual. Developing secure web applications isn't easy. What you have right now is a splash page redirecting those with a valid username and password to another page, which has no authentication on it whatsoever, nothing to stop anyone emailing the URL to someone else, who would be able to see it without any login details. Suggests other ways to achieve what you're actually trying to do, which will make your life easy if you take the time to learn the basics of what you're doing, rather than trying to implement something where security is without understanding such things.

One of those is, which has fantastic, you should pay special attention to the. Gets you started.

Goes on to show (wait for it) an example of how to implement an application which requires users to login. Finally HTTPS, for sure, may be of interest. This requires you to invest time in yourself, learning how to achieve what you want and what the tools available to you do. Modern frameworks make life easier.

It's not the mid 1990s anymore (thankfully). Update: Fixed some typos.

By (Canon) on Sep 28, 2018 at 08:56 UTC I am runnig Apache with http. If run it with httpS and self signed certificate, Will it be better? Yes it will because then your users' passwords will not be sent over the wire in the clear for any malefactor to read. Movie full hd download hindi. It would be better still if your certificate were not self-signed. I am also trying to add 'onclick'funtion to my below login.html file to a give error message, if wrong inputs were entered. I am currently having them in login.cgi code. Which way is better?