[Nottingham] Password Protecting scripts on a webserver

Penfold penfoldq at penfoldq.co.uk
Thu May 31 15:31:11 BST 2007


Hi all

I have a number of scripts I run that are web-based but have no security 
built-in. While running them from localhost only this is not a problem 
but I want to run them remotely over the big bad internet.

However, I don't want to modify the scripts to enforce the security.

What I really want is a secure version of .htpasswd whereby the 
webserver will not allow anyone to connect until they provide valid 
credentials but does not have the huge security flaws of http basic 
authentication.

Any suggestions?

I'm using Apache 2 but 1.3 is an option if necessary. Other webservers 
are also possible 'cos I don't mind running the secured pages on a 
different port. Also, I don't need to maintain large numbers of 
independent users with their own passwords... this isn't mega-secure, I 
just don't want nefarious people mucking around with running processes.

Thanks in advance.

-Penfold




More information about the Nottingham mailing list