Windows web server: password protect a directory

I’ve got a domain that’s being hosted on a Windows server running ASP.NET 1.1.4322. I need to password-protect one of the directories under this domain. I originally thought this webspace was in a Linux environment so I could use an .htaccess, but alas.

I’m not really familiar with Windows hosting. The closest thing to this that I’ve done in the past was on my own Windows server, where I could set up authenticated access via IIS directly; obviously I can’t do that on a third-party host’s server. Is there an easy way to go about doing this, that doesn’t involve converting every site in that subdirectory to an authentication-enabled ASP.NET app? Quick and dirty is fine, even preferred; the fact that I was going to use .htaccess should tell you the level of “security” I actually need.

Any advice is appreciated.

ETA: The hosting company’s solitary support rep, after about a minute of what I assume was Googling, answered this question thus: “Instead of htaccess, have you tried using htpasswd?”. Yeah, I hung up.

Have you tried contacting the host? The simplest way to do this is for them to un-check a checkbox in IIS. Not something you can do yourself, but might as well ask if they’d do it for you.

Tried it; your response came before my edit. See above for how well that request went. :slight_smile:

Ooh, sorry.

There’s stuff you can do with asp.net, but it’s 1000x easier with .net 2.0 (example) It might be overkill - and also will not work if you’re not actually making an asp.net web app - but that’s the easiest thing I can think of off the top of my head.

How dedicated are you to keeping this hosting plan? Sounds like you’re much better versed in Apache hosting…and being restricted to .net 1.1, when 3.5 is already out, sounds like a nightmare. Asp.net 1.1 is awful.

Honestly, I would take my business elsewhere. To a Linux hosting environment where you can move forward more easily.

Upgrade the webhosting to a server with non-archaic framework? The hell you say!

Believe me, I’d love to, but this is a company website (albeit a deprecated one, but we keep it around because we’re still hosting a couple oldschool ASP apps on it, which is why I can’t just swap it over to Linux). I’d have to talk the management into letting me do it, and…yeah.

It’s looking more and more like I might just be hosed. Wouldn’t be the first time.

[Irrelevant Bitching]

Ah well, all it does is shift my problem to figuring out how I can deploy this amalgamated mass of overcomplicated HTML/XML/JavaScript crap in our current web structure under .NET 3.5, so I can use IIS authentication like a normal person. Sounds easy enough…just copy the files and folder structure over, and Bob’s your uncle, right? Nope, because someone somewhere decided our entire web framework should exist under SharePoint, which can’t handle half the javascript filenames generated by the arcane program which exported the aforementioned amalgamated mass, and renaming them would mean, at minimum, sifting through the hundreds and hundreds of files within this monstrosity to update all the references.

[/IB]

At any rate, thanks for your responses. :slight_smile:

Ah, I understand your situation now.

If the files inside the directory were all .asp files, you could do it with a simple login, a session variable and an include file.

But, if you want to protect HTML files, images, css, js, etc…yeah, you’re out of luck :frowning: