Hi Irene, A few points to consider: 1. How much security do you really need? If you are processing financial transactions or high risk personal data then you need quite a lot. If you are simply creating a 'walled garden' for a members only area (i.e. protecting content from non-members) probably a lot less. In the first example, you must satisfy industry and regulatory standards in the second you are just trying to discourage poachers. 2. There are turn key solutions to many of the problems although I do not recommend them for financial or high risk data. They are quite viable for small to medium scale membership sites. If you collect member fees, use a service like Paypal to handle the transaction rather than doing it yourself. 3. Limiting access to pages is a common and trivial problem. Password protecting files is easily done in most scripting languages. For that matter, password protecting a directory on your server is easily achieved and not, in my opinion, a value-added service or one that takes lots of extra effort. 4. Set your robots.txt file to 'nofollow' for your protected files or directories. This prevents them from showing up on search engines. This is another trivial task. 5. If you are doing financial or high risk data transactions find a reliable security person to design site. Do not leave it to an inexperienced or generalist web master. Above all choose someone you trust absolutely. There is too much opportunity for abuse when it comes to coding tasks especially if you don't have expertise in that realm. If you think your ISP is being less than candid about their efforts I'd listen to that instinct and find another provider. HTH, Chris Woods On Fri, May 23, 2008 at 7:42 AM, Irene Starr <starr at langlab.umass.edu> wrote: > ** The author of this post was a Good Dobee. > ** You too can help the group > ** Fill out the survey/skills inventory in the member's area. > ** If you did, we all thank you. > > > I volunteered to create the web site for a group I belong to. We need the > pages as well as pdf, jpg, and other files to be accessible only to those > who have registered and received the login info. Our ISP contact person > wrote " My group has spent some solid time creating this capability for > you..." > > Is it so unusual to need limited access to pages or is the ISP group > inexperienced? Any other thoughts or suggestions? > > Thanks, > Irene Starr > > Keyboard Help: > www.starr.net/kbh (how to type (c) (R) à é ü ç ¡ ¿ & more) > > > _______________________________________________ > Hidden-discuss mailing list - home page: http://www.hidden-tech.net > Hidden-discuss at lists.hidden-tech.net > > You are receiving this because you are on the Hidden-Tech Discussion list. > If you would like to change your list preferences, Go to the Members > page on the Hidden Tech Web site. > http://www.hidden-tech.net/members > -- Keep up with me on Twitter: http://twitter.com/totallybeta Join my LinkedIn network: http://www.linkedin.com/pub/6/400/424