Jun 8, 2012

Protecting files same as htpasswd but using php (new tip)

Hello all
This is a quick and cool php tip im gonna show you.
We will make an login page just like htpasswd but using php.

Why is this good?!
Well often hackers when hacking a server try to read .htpasswd files but without knowing that isn't there will make them search for a while, or even not find it :)

Live preview:


Open a php file you want to protect or just create a new one xD

<?php

$config['admin_username'] = "username"; // your username
$config['admin_passowrd'] = "password"; // your password
if(!isset($_SERVER['PHP_AUTH_USER'])){
header("WWW-Authenticate: Basic realm=\"Login\"");
header("HTTP/1.0 401 Unathorized");
die("No login passed lol");
}
else{
if(!($_SERVER['PHP_AUTH_USER'] == $config['admin_username'] && $_SERVER['PHP_AUTH_PW'] == $config['admin_passowrd'])){
header("WWW-Authenticate: Basic realm=\"Login\"");
header("HTTP/1.0 401 Unathorized");
die("What happens when you press cancel :P ");
}
}
?>

Thats it, dont forget to share xD

4 comments: