Thank you for the replies. Obscurity has been quite satisfactory so far, but things are progressing and we have a publisher’s contract, so maybe it’s time to move up a step.
Lensman rhetorically asks, “would it be that hard for you to throw a password on the directory?”
Well, using Dreamhost’s ultra-easy Goodies/Htaccess panel I’ve added a .htaccess and .htpasswd file,
which is OK with Firefox Safari and Opera, but it makes Internet Explorer (version 7) throw up the following horrible message:
“Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentication without a secure connection).”
Maybe IE is trying to be helpful, in its clumsy Microsoft way, and suggesting that HTTPS would be more appropriate. But the overall effect is to be unwelcoming. It is not going to impress the publisher, and it is going to scare away some of my friends.
However, according to the Dreamhost support wiki, “In order to allow visitors to access your site securely, you will need to have your own unique IP address and sign up for the Secure Server.”
What would be a more sensible way of getting rid of that scary message from IE?