Site Protection

Please read!
  • This documentation is intended for site owners in an ISP environment (ISP clients).
  • All instructions may be executed by the site owner alone, no NT specific rights are required.
  • Comments in grey frames are intended for the NT server administrator. They were inserted for explanation purpose and should be removed before presenting this documentation to site owners.

Overview

DAF includes an ASP application which allow the site owner to manage alone the protection for her/his site. It is located in the following directory:

<DAF Data directory>\default_files\SiteProtectionSetup

This application uses an ASP Server component ("DAF.SiteConfig") to configure DAF  protection for the current web site. Since that usually site owners are allowed to write ASP scripts, by default, they could write a script referencing this same component to change his/her DAF configuration. To prevent this possibility, you must define an "ISP Authorization Code" (ISPAC). Without the ISPAC, main methods supported by the component cannot be executed (cannot enabled/disable/configure DAF protection). A DAF security handler administrator login/password and the ISPAC are required to use component "DAF.SiteConfig" methods.

To define an "ISP Authorization Code" (server wide):

  • Define the server "ISP Authorization Code":
    - Launch the DAF Confugration Tool
    - Right click on the Local computer name
    - Choose item "Properties"
    - Choose tab "ISP"
    - Enter a code in field "ISP Authorization Code"
     
  • Add the server "ISP Authorization Code" in the protection Setup application:
    - Locate your directory "<DAF Application data>\default_files\SiteProtectionSetup"
    - Edit file "constants.inc"
    - Insert the server ISPAC code in line: ISPAuthorizationCode = ""

Your hosting plan includes a security feature designed to password protect your web resources. When enabled only authenticated users will have access to your secure areas.

To password protect a web site area, you need to: