Webmaster Resources

Welcome. The Web can be a REALLY gnarly place.
Here's some info and links to some of the better known sites.
Your Ip Address:
Protect your content with .htaccess
  • Check to make sure you are on an Apache web server and that
    'mod_rewrite' is compiled in. XciteNet Hosting is set up for this.
  • Modify for your own domain and the validation systems you use.
  • Create a text file called htaccess.txt, copy this code to it and save.
  • Upload this file in 'text' mode to the directory you want to protect.
  • Rename htaccess.txt to .htaccess once the file has been uploaded.
FPExtensions and protecting java, vivo's, rav's etc.
  • Copy: RewriteCond %{HTTP_REFERER} !=""   to the above.
  • - OR -: RewriteCond %{HTTP_COOKIE} !(^|(.+;)*)id=valid(;.*|$)
    and copy this javascript code to your first protected index page.
  • It is still possible to bookmark a page when not using the cookie.
Random Code using XSSI based on the 'second' variable
  • Use shtm/shtml file extensions to have the server parse the ssi
    OR use htm/html files, make them executable - permission 755,
    and add to your .htaccess file in the top directory: XBitHack On
  • Create a directory, /incltxt1 for example, and create files 00.txt
    through 59.txt (one for each second) each with code to include.
  • If you don't have 60 different images/links, copy some of the files
    to fill in what you are missing - make sure there are no gaps at all.
  • Include the following xssi coding where you want a random link:
  • For more than one include on a page, create /incltxt1, /incltxt2, etc.
    and change the above code for each different include on the page.
Username/Password DBAuthorization Script

Add, delete, update and view user info with one script.
Data fields include user, pass, group(s), email and info.
Protect multiple directories with one file using 'groups'.
And FTP is all you'll need to upload and configure it all.


BlackBox Login Password Check Script

Use this script as an alternative to the gray box login.
Checks for multiple login points for the same username.
Checks for multiple login attempts from the same point.
Works with any basic authentication system and
does not need to alter the password file.



FTP based .htpasswd Line Generator
First ftp the password file to your system.
Make a backup copy of the file 'just in case',
Insert or replace the line in the file and ftp back
to server - use 'text' ftp transfer mode both ways.
Tips for Web Programmers
  • Upload Cgi stuff in Ascii Mode. Unless it's an .exe .jpg or .gif file, upload in ascii or text mode. This includes .cgi .pl .txt .log .htaccess .htpasswd .htgroup and the like. I still make the mistake sometimes of uploading in binary and scratch my head for 5 minutes wondering what went wrong.
  • Set the right permissions. Files that get run like .cgi need to be set to 755 or rwxr-xr-x and files that get written to must be 666 or rw-rw-rw-. These can be set using most ftp programs like CuteFTP and WsFTP by right clicking and selecting 'chmod'. This is the second biggest mistake that gets made.
  • #!/usr/bin/perl Should be the first line of your perl cgi scripts indicating what program to use to interpret the code. For mailing scripts, try /usr/lib/sendmail. Also, if you are outputting back to the screen, your first line should be:
    print "Content-type: text/html\n\n";   This is the third biggest mistake that gets made.
  • Use Javascript to manipulate the Fields on the HTML Forms that get sent to the Cgi scripts that are written in Perl. Did you get all that? I'm sure that statement didn't help at all. It was really just my chance to get even for the doublespeak bestowed upon me! Oh yeah, use Java to stay up while you're programming everything else.
  • Learn how to Yahoo. Type in the keywords you want with pluses in front of them like: +html +form +mailto +tutorial which forces all of the keywords to be present. If you need more info, click on AltaVista or HotBot or InfoSeek at the bottom of the page.
  • Get a good reference book. Barnes & Noble are the ones I turn to if I can't find it on the web! The Waite Group Press Interactive Course series, especially Perl 5 and Javascript, are excellent and even allow you to earn certificates and email questions.