Would like some help understanding website management

  • Context: PHP 
  • Thread starter Thread starter aheight
  • Start date Start date
  • Tags Tags
    Management
Click For Summary

Discussion Overview

The discussion revolves around website management, specifically focusing on accessing and securing files within a web hosting environment using cPanel. Participants explore issues related to public and private access to files, database management, and general web development practices.

Discussion Character

  • Exploratory
  • Technical explanation
  • Conceptual clarification
  • Debate/contested
  • Homework-related

Main Points Raised

  • One participant seeks clarification on how to manage public and private access to files in their website's directory structure, specifically using cPanel.
  • Another participant suggests creating a subdirectory within public_html and using .htaccess and .htpasswd files to password-protect access to sensitive files.
  • A later reply mentions that cPanel has built-in options for password protection, although it may vary by hosting provider.
  • Concerns about SQL injection attacks are raised, with suggestions to use frameworks that mitigate such risks or to learn about prepared statements in PHP.
  • Some participants discuss the merits of using cPanel versus Apache, with one noting that cPanel manages various web technologies.
  • One participant shares their experience with a website project involving AJAX and WebGL, seeking feedback on their implementation.
  • Feedback on the website's design is provided, with suggestions for improving the front-end appearance and responsiveness using CSS and HTML5 features.
  • Further inquiries are made about specific tools and resources for enhancing web design, particularly in relation to CSS and HTML5.

Areas of Agreement / Disagreement

Participants express various viewpoints on securing files and managing web access, with some agreeing on the use of password protection while others suggest alternative approaches. The discussion on web design and development practices also reveals differing opinions on aesthetics and technical implementation.

Contextual Notes

Participants mention specific tools and practices without consensus on the best approach, indicating a range of experiences and preferences in web development. There are also unresolved questions regarding the best methods for securing database access and enhancing website design.

Who May Find This Useful

This discussion may be useful for novice web developers, individuals managing their own websites, and those interested in learning about web security and design practices.

aheight
Messages
318
Reaction score
108
Hi guys,

I am very much a novice at website management and have set up a website which accesses my SQL database and I'm not using WordPress or other site building software, and I don't understand really the mechanics of private and public access to the site file system and was wondering if someone could explain it a bit to me?

Ok, on my site, I use CPanel and have a subdirectory named public_html and I assume that is the one accessed when the website is referenced right? And then I assume when the domain name is entered as a web address, it goes to this directory and runs index.html right? And that's what I want for public viewing. However, I would also like to run a database update script using the same domain name but a different file in the subdirectory but don't want public access to it obviously. So say my domain name is "mydomain.net". So then when the public enters mydomain.net it runs the index.html file and that is fine. However, I would like the option of running a different file privately so I type:

mydomain.net/updateDatabase.html.

And that file has a php script which then updates the database. However I can just run this file publicly by typing it in at the http prompt and I don't want just anyone running it or other files on my site. Should I not keep private files in public_html? Is that a dumb question? But if I store them in another subdirectory, how do I then run them privately? I would like to have private access to this file so just me could run it. Is there a way to do this? Perhaps I could use a password in the php file since as i understand it, the php script is not viewable by the browser? I do not know if I can just log into CPanel on my site and run the updateDatabase. html file directly. Is that what is usually done it this situation?
Thanks for reading,
 
Last edited:
Technology news on Phys.org
aheight said:
I would like to have private access to this file so just me could run it. Is there a way to do this?
Create a subdirectory in public_html, e.g. public_html/db. Put updateDatabase.html in that subdirectory. Password-protect the subdirectory by putting in it a file named .htaccess with suitable directives, and a file named .htpasswd that contains username/password information. You can find lots of pages describing the setup by Googling for "htaccess password" or something similar.

Then when someone tries to access anything in that subdirectory, e.g. http://mydomain.net/db/updateDatabase.html, their browser will prompt them to enter a valid username and password.
 
  • Like
Likes   Reactions: QuantumQuest and aheight
Aha! I just remembered that cPanel has an option to do this, at least mine does. It may vary from one web-hosting provider to another. On mine, it looks like this:

https://www.namecheap.com/support/k...how-to-password-protect-files-and-directories

I've never tried it myself. When I experimented with protecting directories a long time ago, I created the .htaccess and .htpasswd files by hand.

According to that page, you can also password-protect individual files, but cPanel won't do it, so you have to create the .htaccess and .htpasswd by hand.
 
  • Like
Likes   Reactions: aheight
Thanks a bunch jtbell! I am just now seeing "directory protection" in cpanel and am experimenting with it. I am such a neophyte with all this. Really could not have gotten this far with my website without you guys here helping me. :)

aheight
 
Don't forget to read about sql injection attacks where someone enters sql into one of your fields to be inserted into the database and gets access to the whole database.

Personally I would use something like rails or grails for web database access as they will protect your code from sql injection by quoting user input to make it non executable and can be extended and scaled up as your needs increase.
 
  • Like
Likes   Reactions: QuantumQuest and aheight
I've never heard of Cpanel, why not just use apache? It's used by millions of people and has an extremely active community. Using that you can set very advanced permissions.
 
Also, about sql injection attacks that jedishrfu points out, I would recommend - as you're learning PHP, to study and learn how to prevent them, by using prepared statements either through PDO (PHP Data Objects) or MySQLi (MySQL Improved Extension).
 
  • Like
Likes   Reactions: aheight
newjerseyrunner said:
I've never heard of Cpanel, why not just use apache? It's used by millions of people and has an extremely active community. Using that you can set very advanced permissions.
cPanel is a web hosting control panel (probably the most popular one), i.e. it manages programs like apache, php, MySQL, etc.

You can access cPanel via port 2083 on any website that uses it, like it is the case for https://www.physicsforums.com:2083/ .
 
Last edited by a moderator:
  • Like
Likes   Reactions: aheight and jtbell
Thanks guys. The 2083 trick is neat. Would you guys mind briefly looking at my site? I've only been doing this a little over 3 months and I am sure it's lacking but I just don't know by how. Right now I have a blog (first domain name) which has a menu item "AFRender" which links to my shared account (second domain name) with my host provider. This runs my index.html which then runs a javascript to query (via AJAX and PDO) my database, get function names from it, and then populates a menu of function names. The user selects a name. Then another query is run to retrieve either the real or imaginary blob from the database which contains all the WebGL data. The javascript then renders the function in native WebGL. That's it. Basically I barely understand what I'm doing. Here is the front end (blog) if you have time. The "AFRender" option is all the WebGL work you guys have helped me with. :) : jujusdiaries.com

I'd appreciate comments.
 
Last edited:
  • #10
aheight said:
I'd appreciate comments

Taking a look using my laptop, with the four most used browsers, it looks being in the path of a good work. Rendering is fast and nice. Now, I would definitely recommend to do some front - end work (basically design work using some CSS and some tools-of-the-trade in HTML5), in order to give it a more fancy or "catchy" look and to turn it to responsive in "the sooner the better" fashion.
 
  • Like
Likes   Reactions: aheight
  • #11
Looks pretty nice so far. I'd move the HOME to the beginning of the menubar before Section 1
 
  • Like
Likes   Reactions: aheight
  • #12
Thanks guys. I moved the Home to the front of the menu. Looks better I think too.

Also, I'm afraid I do not understand what you meant by this Quantum:
QuantumQuest said:
Now, I would definitely recommend to do some front - end work (basically design work using some CSS and some tools-of-the-trade in HTML5), in order to give it a more fancy or "catchy" look and to turn it to responsive in "the sooner the better" fashion.
I do have a nice bit of CSS code for the menu drop-downs. What are "tools in the trade in HTML5?"
Could you give me an idea or two or perhaps a reference or a website I can take a look at to give me some ideas ?
 
  • #13
aheight said:
Also, I'm afraid I do not understand what you meant by this Quantum:
I do have a nice bit of CSS code for the menu drop-downs. What are "tools in the trade in HTML5?"
Could you give me an idea or two or perhaps a reference or a website I can take a look at to give me some ideas ?

It is just my opinion for something more attractive, regarding the look of the site. It is already in a good path but I think it is better to be responsive and with some more involved CSS work regarding columns, fonts, colors etc. With "tools-of-the-trade", I meant some of the new features of HTML5 - as per needed of course, regarding sections, navbars etc. in tandem with CSS. You can even use tools like SASS (Syntactically Awesome Style Sheets) which is a CSS extension language, to define and compile to CSS your own styles or just use some premade CSS code.

Now, it is a matter of personal taste how you want your site to look and I am not a web designer either, but I have done it professionally just because I like it, in parallel with web development.

Now, for resources, besides the standard references for HTML5 and CSS at W3C (currently CSS3), I would recommend for responsive web design the book by Jonathan Fielding Beginning Responsive Web Design with HTML5 and CSS3. A very useful tool for HTML5 is HTML5 Boilerplate.
 
  • Like
Likes   Reactions: aheight

Similar threads

Simpler alternatives to SQL-like databases
  • · Replies 50 ·
2
Replies
50
Views
9K
Do you want to build a website?
  • · Replies 15 ·
Replies
15
Views
3K
GNURadio -- Beginner's questions
  • · Replies 0 ·
Replies
0
Views
2K
Learning about Python application deployment - possible recommendations
  • · Replies 7 ·
Replies
7
Views
3K
PHP WEBSITE HIJACKED - Php code infected - HELP?
  • · Replies 5 ·
Replies
5
Views
4K
Help in my program using Classes
  • · Replies 75 ·
3
Replies
75
Views
7K
My Website For Creating Interactive Visuals Linked To Equations
  • · Replies 4 ·
Replies
4
Views
4K
What is the cheapest way to secure a web site
  • · Replies 14 ·
Replies
14
Views
3K
PHP Using PHP and cURL to submit POST requests to a website
  • · Replies 7 ·
Replies
7
Views
6K
[Android] Camera App crashes when run
  • · Replies 6 ·
Replies
6
Views
6K