PDA

View Full Version : Secure Gateway Page



kyesrac
17 Jun 2008, 03:21 PM
Hello everyone. I am trying to find out if anyone has designed the idea that I currently have for some sort of a gateway page, or something of the like.

Basically I have a web server Debian/apache2.2 and I want to have a sort of "hidden" page. I only want people who I give permission to be able to access this page.

It is basically a login page with username/password that I want to keep hidden from just anyone running port scans on the net that finds my server and says, "hey, port 80 is open there, lets check it out". I was thinking like.. a sort of a plain page with a simple single input box that uses a passphrase for authentication.

This may sound like im just looking for a simple username/login page, but that is not what I am looking for. Basically I want to be able to effectively fend off wandering eyes, and allow friends and others access. My main questions are how would I prevent the underlying page from being navigated to by someone who has not authenticated? I am fairly well versed in Linux and networking, but not real familar with Apache. Aside from some basic setup, and using mod-rewrite thats about the extent of my knowledge.

I was thinking that I wil need some sort of setup that creates a unique session for each visit, and limiting that session to a specific number of logon tries to prevent brute force. Im not sure if that would be easily bypassed or what, as that is out of my knowledge area.

Maybe this idea has already been widely used before, im not sure. Any input would be appreciated.

Thanks.

kyesrac
22 Jun 2008, 12:03 PM
bump. nothing? only 22 views?