[Nottingham] Password Protecting scripts on a webserver

Michael Erskine msemtd at yahoo.co.uk
Wed Jun 6 08:45:38 BST 2007

On Thursday 31 May 2007 15:30:49 Penfold wrote:
> What I really want is a secure version of .htpasswd whereby the
> webserver will not allow anyone to connect until they provide valid
> credentials but does not have the huge security flaws of http basic
> authentication.
> Any suggestions?

I've come into the discussion late but mod_auth_digest would be more secure 
since nothing is passed in plaintext: 

Michael Erskine.

Oh, that sound of male ego.  You travel halfway across the galaxy and
it's still the same song.
		-- Eve McHuron, "Mudd's Women", stardate 1330.1

The all-new Yahoo! Mail goes wherever you go - free your email address from your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html

More information about the Nottingham mailing list