.htaccess question
Hi @ all, I'm a total newbie here, so please bear with me… I have a question about .htaccess, perhaps someone can help me with this. There is a website (I don't post the address here) that sells graphics and tubes for PSP-Users to create signature-tags from various artists. When you buy these packages you will get a download-link for a .rtf-document with the info from where you can download your files (it's a totally other url then the one where you buy) and the username and password. When you go to this url you must click on an image and then a window pops up where you can insert the username and password (I think it's .htaccess). I'm a customer there and bought many packages, but I'm a little scared about the security aspect there because I found out a few things:
-
when multiple customers bought i.e. package A from artist B they all get the same username and password, it's not individual for different users. And the username is always the name from the artist, so it's only a 50 % security, I think.
-
when you leave something from the download-url you can get into the directory which says "Index of/" and some things I discovered aren't secured with .htaccess, you can download the zips directly, others are.
So perhaps someone can tell me if there's a way to break into these .htaccess-files when you already got the username and only must guess the password? The password is always a 5-10 one with uppercase, lowercase and numbers mixed. The .htaccess-file isn't visible but I know in which directory it is, but you can't see it cause it's forbidden.
I ask this because I'm scared about buying there in the future cause I think the security aspect is not given. I hope someone can help me and answer here or pm me. Thanx so much, wullewaddel