Doyenhub

logo
logo
logo
logo

OUR BLOGS

May 7, 2021

Secure data on server without installing Server side language

Secure Data on Server Without Server-Side Language

Secure data on server without installing Server side language
Secure data on server without installing Server side language

In today’s digital world, site speed is crucial, and securing content is just as important. Securing data on the server without using server-side language offers a simple and effective solution for developers working with static websites. By relying on HTML, JavaScript, and server configurations, you can ensure that your site remains both fast and secure, even when managing sensitive content.

Why Choose to Avoid Server-Side Language for Security?

Server-side technologies like PHP or Node.js are common for dynamic websites, but they can slow down your site. Static websites, on the other hand, can benefit from simpler methods of securing data without adding complexity. This approach helps you keep your website secure while ensuring optimal performance.

How to Secure Data Without Server-Side Language

1. Separate Your Secure Content

Begin by dividing your content into two separate files:

  • Main HTML File: Displays public information and contains placeholders for the secure content (e.g., page1.html).
  • Secure Content File: Sensitive data is stored in a separate .txt file (e.g., content/page1.txt). This method prevents exposing the secure content in the HTML source..

2. Prevent Unauthorized Access to the Secure Content

To block unauthorized users from accessing your .txt file directly, add the following configurations:

For Nginx:

server {
listen 80;
server_name website.com;
root /var/www/website.com/html;
location ~* content/ {
valid_referers server_names;
if ($invalid_referer) {
return 403;
}
}
}

For Apache:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://%{HTTP_HOST}%{REQUEST_URI}*$
RewriteRule .(txt) – [F,NC]

By implementing these settings, direct access to the secure content is blocked.

3. Dynamically Load Content After Verification

Once the user is authenticated, secure content can be loaded dynamically using JavaScript. Here’s an example of how to fetch sensitive content and display it on the page:

$.get(“content/page1.txt”, function (data) {
$(“body”).html(data);
// Additional code here
});

Advantages of Securing Data Without Server-Side Technology

  • Enhanced Security: Sensitive content remains hidden until verified users are authenticated.
  • Improved Performance: Static sites avoid the overhead of server-side scripting.
  • Scalability: This method is ideal for websites with multiple user levels and static content.

Conclusion: How to Secure Data Without Server-Side Language

Utilizing HTML, JavaScript, and server configurations (Nginx or Apache), you can easily secure data on your server without server-side language. This method is both efficient and scalable, ensuring that sensitive information stays protected while maintaining fast site performance.

Need help securing your website? Check out our comprehensive guide on securing static sites or contact us for more expert tips!

Leave a comment

Your email address will not be published. Required fields are marked *