TaskFreak! open source project management web application

Original :: Security tips for the single user version

Avoid search engines to index your TaskFreak! (single user version)

Although it's good for TaskFreak! itself to have a lot of results in search engines, it's pretty bad for its users since there is no login / authentication system in the (single user) version. Anybody can access private tasks and mess around with your todo list. Obviously not a friendly thing to do, but as humans tend to be evil, you'd better protect yourself.

To avoid such problems, you need to write a small plain text file with the following content:

	User-agent: *
	Disallow: /taskfreak
	

Change /taskfreak to taskfreak folder (from the URL, not the server path), then save this file as robots.txt on the web root of your server (the default directory accessed when accessing your domain name).

Protect the folder with Apache (.htaccess)

Before reading any further, simply go to your web host control panel / administration section and search for password protection feature.
Cpanel based hosting support password protection by default; simply follow the Password Protect Directories link on the home page of your cpanel.

If you run an apache webserver, there is a simple way to secure the access to your taskfreak by using .htaccess files

1. Create password file (.htpasswd)

Create a file on your server, preferably outside of the web directories, which contains a list of username and their (encrypted) passwords.

	John:68kHetWNYJqjs
	Mary:22I2iOlMCAIx2
	Bob:56xatL9elalv2
	Neal:40W15WGDWK5Bo
	

To generate such a file, use the command line htpasswd utility if you have telnet access to your server, or go to one of the online tools such as this one to generate your passwords, then copy and paste them to a plain text file.

2. Create the .htaccess file

Again, create a simple plain text file and write something like this:

	AuthName "Taskfreak"
	AuthType Basic
	AuthUserFile /full/path/to/.htpasswd
	Require valid-user
	

Replace the /full/path/to with the actual full path to your .htpasswd file (not the URL this time), and save it under the folder where your TaskFreak! is installed.

For more information about .htaccess files:
- tutorial at freewebmasterhelp.com
- official howto at apache.org


About TaskFreak!

TaskFreak! is a simple but efficient web based task manager written in PHP. It's an open source application, free to download. Its main goal is to make project management efficient while kept easy.

go to home page | latest news

Subscribe to RSS news feed

follow TaskFreak! on Twitter

TaskFreak! - copyright ©2005-2010 Stan Ozier - Supported by Tirzen