When you do your websites do you have a page for your customers to look at proofs?
If so do you have that page password protected?

I am in the process of designing my site and I really wanted to do a password protected page for proofs and I am not to sure how to go about doing this.
Any suggestions?

Thanks,
Sonya

I too am interested in finding out how to get this working.

Well I do know theres away around doing this I am just not sure if anyones tried it.
Say the customers last name is Smith you upload a page with the pics name the file Smith.html to your site BUT you dont link this page to any pages you give the customer the web address to their pic file and they can view the proofs.
Now noone else would be able to see this file so its still protecting their privcay.
I might do it this way I am not to sure yet.


Sonya

When you do your websites do you have a page for your customers to look at proofs?
If so do you have that page password protected?

I am in the process of designing my site and I really wanted to do a password protected page for proofs and I am not to sure how to go about doing this.
Any suggestions?

Thanks,
Sonya

Probably the most common way is using .htpasswd and .htaccess permissions to set password access.

Example from my site, data has been changed to protect the stupid. (me)

# Begin password protection #
AuthType basic
AuthName "Proof Access"
AuthUserFile /www/d/yoursite/.htpasswd
AuthGroupFile /www/d/yoursite/.htgroupproofs
Require group authors
# End password protection #

You would put this in a file named .htaccess in the directory you wanted to protect. When anything from that directory is requested, this file tells the server to ask for a user name and password. It then checks the .htgroupproofs file to see if that user name is allowed in that directory. Then checks the .htpasswd file to see if the user name and password are correct.

Sample .htpassword, these passwords are encrypted.
User Fred:5nqE5emsllR5Y
User1:$1$sa1KT07H$FqyYBerePBdJfP4aiPEXJ0
User2:$1$zlE7tQhs$2XQVTLrdhVzbGdYQZS0ta0
User3:3kF8VTd6E2.6A


Sample .htgroupproofs. With this file only these users can access the directory, User Fred can not, even though he does have a vaild pass for the site.
authors: User1 User2 User3

The password and groups files can be names anything you want, just as long as the .htaccess file points to them. You can repeat this process for as many directories as you want, also all subfolders are protected unless you specify something different.

If you don't need different groups for different levels of access its even easier. This will allow anyone with a user/pass in the .htpasswd file into that directory.
AuthType Basic
AuthName "Proofs Area"
AuthUserFile /www/d/yoursite/.htpasswd
Require valid-user


Hopefully that made sense and answered your question.

Thats really some great information thanks to much for sharing it.
I guess each time new customer you would edit the coding for that person to have access right?



Sonya

I don't password protect proofs, I just don't link to them from anywhere on my site, that way they're invisible. I send the link to the bride and groom, anyone they want to see the pics they send the link to, no-one else should be able to find them.

The technical term for this is "security by obscurity", and generally isn't great, but for this application I see no problems.

I'm in the process too of setting up a site and have been considering similar issues.
Some of the other shooters in my area subscribe to what I'll refer to as commercial posting sites (for lack of a better term).

One such firm is "Collages.net" which is linked to my pro printing lab, but I know there are many others. Typically these will either charge by your "job/client", by the image, or by the month. Different pricing structures will suit different circumstances - like anything else you need to carefully evaluate which would be the most cost effective.

I just haven't decided which route I want to take yet. There are also options then for Paypal, e-commerce, credit cards...... how complicated (or easy) do you want to make the financial component. Do I want to spend most of my time maintaining a website and e-commerce accounts, or do I want to be shooting pictures?;)

http://www.eostemplate.com - pair it up with JAlbum and do it on your own site, you're done. With this system you get emailed orders to fill yourself, so if you want a site that will print the images (giving up that control) it won't suit you.

This looks very interesting Tim.... thank you for the link. It appears to be used/offered primarily in Australia and the UK? Have you set your site up for e-commerce in this manner?

This looks like a nice system but I've still got to finish the basics of a website before I attempt anything this sophisticated. Has anyone used the web gallery generating capabilities of Adobe Bridge? - Stu

http://www.eostemplate.com - pair it up with JAlbum and do it on your own site, you're done. With this system you get emailed orders to fill yourself, so if you want a site that will print the images (giving up that control) it won't suit you.

Bridge doesn't do galleries AFAIK, CS2 does. I don't like them, I use JAlbum.

That EOS thing isn't location dependant, I use it in New Zealand fine. I don't use the credit card functionality, I prefer people pay me directly.

Anyone using this "security by obscurity" method should at least be deploying a robots.txt file for their sites! Otherwise, Google or someone will find it and the proofs will indexed for you...

See here for all you ever wanted to know about them...

http://www.robotstxt.org/wc/robots.html

Ooooppsss... :oops: .. shows you how much I still have to learn about my CS2. I recall the earlier recommendations for JAlbum.

I apologize if this has already been covered, but what does AFAIK stand for? And yes, I certainly agree that direct payment is preferable.

Bridge doesn't do galleries AFAIK, CS2 does. I don't like them, I use JAlbum.

That EOS thing isn't location dependant, I use it in New Zealand fine. I don't use the credit card functionality, I prefer people pay me directly.

Joseph I have no idea I figured it was just the person who would be given the link I will check out the information your provided.



Sonya

AFAIK = "As far as I know" which basically acknowledges that one 'might' be wrong.

Another one I like is IIRC, "If I remember correctly". This is for us lazy people who don't want to look something up ;)

s

Just use .htaccess and give each user the address and login to their personal gallery.

Thank you for the continuing "Adult Ed Class" for some of us old farts;) . My last kid is in college now so I can only catch up on current idiom when she comes home for break. Somehow I missed this acronym....

AFAIK = "As far as I know" which basically acknowledges that one 'might' be wrong.

Another one I like is IIRC, "If I remember correctly". This is for us lazy people who don't want to look something up ;)

s

Anyone using this "security by obscurity" method should at least be deploying a robots.txt file for their sites! Otherwise, Google or someone will find it and the proofs will indexed for you...

See here for all you ever wanted to know about them...

http://www.robotstxt.org/wc/robots.html

If it's important put a password on it, if it's not then security by obscurity should be ok. A robots file is just making things a little bit more obscure!

Well I have talked to several people who just give links to the pages that are not listed on the site they have never had any issues with doing this. Since it seems to be the easiest thing to do I think this is the way I will go.

Sonya