Authentication in your script is always a risk since there could be a way to "kill" it by exploiting a bug in the language or in your own code.
The fewer layers between the server and the authentication, the better. But then of course you lose a lot of flexibility.
I don't know, and don't really want to know anything about IIS. I guess there is something in the control panel that will allow you to customize the error 403 page.
You can set up IIS to authenticate in various ways. We use Active Directory, so they need a domain name\username and the correct password. If you cancel, you get a "you are not authorized to view this page" error. I think you can replace that page with a custom page within IIS.