add comment on htaccess http authentication

2025-04-25 01:32:36 +02:00 · 2016-07-11 16:27:42 -07:00 · 2016-07-11 16:27:42 -07:00 · b1492802ca
commit b1492802ca
parent 69186f1814
1 changed files with 4 additions and 0 deletions
--- a/views/contact.erb
+++ b/views/contact.erb
@ -181,6 +181,10 @@
          <p>
            The .htaccess file is an Apache specific thing, and we don't use Apache for our backend. In addition, we generally don't add features to Neocities that make the functionality of sites depend on custom backend functionality (the sole exception being that we make sure "page not found" goes to "not_found.html" so you can create a custom 404.)
          </p>
+
+          <p>
+            Finally, we sometimes see people trying to use .htaccess for authentication (with usernames and passwords). Neocities is only for sites and information you want to make public, and it is dangerous to use it for private sites! We make backups of your site and attackers can easily find any information you're trying to hide using our archivers. Our goal is to make sure your sites stay up for a long time and persist, not to enforce secrecy zones on your site. If you want to make a controlled access site, Neocities is not for you.
+          </p>
        </div>
      </div>
    </div>