[Nottingham] Password Protecting scripts on a webserver
Michael Erskine
msemtd at yahoo.co.uk
Wed Jun 6 08:45:38 BST 2007
On Thursday 31 May 2007 15:30:49 Penfold wrote:
> What I really want is a secure version of .htpasswd whereby the
> webserver will not allow anyone to connect until they provide valid
> credentials but does not have the huge security flaws of http basic
> authentication.
>
> Any suggestions?
I've come into the discussion late but mod_auth_digest would be more secure
since nothing is passed in plaintext:
http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html
Regards,
Michael Erskine.
--
Oh, that sound of male ego. You travel halfway across the galaxy and
it's still the same song.
-- Eve McHuron, "Mudd's Women", stardate 1330.1
___________________________________________________________
The all-new Yahoo! Mail goes wherever you go - free your email address from your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html
More information about the Nottingham
mailing list