Uh oh. Looks like your using an ad blocker.
Our site is support by ads that help to pay our hosting costs. Please disable or whitelist us within your ad blocker to help us keep the site online.
All money generate by ads and donations is used to pay the hosting costs of the site.
|Hi @ all,|
I'm a total newbie here, so please bear with me...
I have a question about .htaccess, perhaps someone can
help me with this.
There is a website (I don't post the address here) that
sells graphics and tubes for PSP-Users to create signature-tags
from various artists.
When you buy these packages you will get a download-link for a
.rtf-document with the info from where you can download your files
(it's a totally other url then the one where you buy) and the username
and password. When you go to this url you must click on an image and then a window pops up where you can insert the username and password (I think it's .htaccess).
I'm a customer there and bought many packages, but I'm a little scared about the security aspect there because I found out a few things:
1. when multiple customers bought i.e. package A from artist B they all get the same username and password, it's not individual for different users. And the username is always the name from the artist, so it's only a 50 % security, I think.
2. when you leave something from the download-url you can get into the directory which says "Index of/" and some things I discovered aren't secured with .htaccess, you can download the zips directly, others are.
So perhaps someone can tell me if there's a way to break into these .htaccess-files when you already got the username and only must guess the password? The password is always a 5-10 one with uppercase, lowercase and numbers mixed. The .htaccess-file isn't visible but I know in which directory it is, but you can't see it cause it's forbidden.
I ask this because I'm scared about buying there in the future cause I think the security aspect is not given.
I hope someone can help me and answer here or pm me.
Thanx so much,