Quote:
Originally Posted by 8140david
Concerning the security of an online catalog:
I think I should put a .htaccess restriction (with login and pass) on the library folder.
If I do so, is it still useful to encrypt the filenames?
|
Probably not. I have my own system protected so that each user has to provide username/password and do not bother to encrypt the filenames. I periodically check the web server logs to make sure that there is no excessive activity on any particular username/password in case a user has been compromised. You may also want to consider using SSL to avoid passwords being sent in the clear across the internet.
The option to encrypt filenames is primarily aimed at those who cannot put more robust security in place. It is better than doing nothing, but cannot be assumed to be anywhere near as good as proper username/password protection.