Start by creating a folder on your server. You can create a folder using any FTP Client or from your web site control panel.

Using an FTP client or from your website control panel set the permissions (CHMOD) on the folder to 777.

1. From the ppSD2 control panel, click on “Areas” > “Add a Secure Area”
   • Name: Input a reference name for this secure area
   • Start Page: This is the first URL to which users will be redirected when logging into the secure area. Input this as a full URL (http://www.yoursite.com/secure_folder/start_page.html)
   • No Access Page: If a user who is either not logged in or does not have permission to view the secure area attempts to access it, they will be redirected to this URL. If you wish to redirect them to the default login page, leave the field as “http://”
   • Protection Type: Select how you would like to secure the folder
     • mod_rewrite: Recommended. Will allow for full use of all the program’s features, including statistical tracking.
     • htaccess: Limits statistical tracking and will not allow use of the default login page. Instead users will be shown a “pop up system login box”.
   • vDomain?: If this secure area is not on the same domain as the administrative control panel, tick this checkbox and input a Base vDomain. The Base vDomain should be inputed as “yoursite.com” or “subdomain.yourdomain.com”.
2. Next, select the folder from the list of folders on your server, or click on “Manually enter folder” and input the absolute path to the folder you wish to secure.
3. Click on “Add Secure Area”
4. Your next step is to select the users you wish to assign to the secure area. You can choose to skip this step if you wish.

You can test the security on the folder by typing the folder’s URL into a web browser. You should see either a login page or, if you inputted a custom No Access Page, you should see the No Access Page.

1. It should be located outside of the secure area.
2. It should contain either a custom login form or a link to the ppSD2 login page.
3. It should notify the user that he/she does not have access to this folder and needs to log in to gain access.

1. Don’t place secure folders within other secure folders. So if you have a secure folder named “members” and then sub-directories within that folder that you wish to secure, move the sub-directories out of the “members” folder first. This will ensure that users who may have access to one of the sub-directories but not the “members” folder will be able to access their secure areas without any problems.
2. Security for CMS directories such as Wordpress works differently then standard security. Since the files within the folder are dynamically generated by programs such as Wordpress, the entire folder will not be secure. Instead code will be added to the Wordpress index.php file to ensure that all Wordpress-generated links require user-login to access.