l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2005 Mar 16 00:57

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] htaccess and encrypted passwords
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] htaccess and encrypted passwords



For the first time tonight, I started playing around with .htaccess to
protect files in a particular directory.  The .htaccess file in question has
permissions of 644, and is:

   AuthUserFile  /etc/XXXXXXXXXXXXXXX
   AuthGroupFile /dev/null
   AuthName      XXXXXXXXXX
   AuthType      Basic

   <Limit GET POST PUT>
           require user XXXXXX
   </Limit>

Also, to protect the .htaccess file itself, I placed this in
/etc/apache/httpd.conf:

   <Files .htaccess>
      order allow,deny
      deny from all
   </Files>

I've read that it's possible to make this more secure than sending a
password uuencoded over the net.  I've seen references to md5 protecting the
password, but the documents I read said that no browser supports this.
Is this true?

Any other way to make this reasonably more secure?

This is new territory for me...

Thanks,
Pete

-- 
Save Star Trek Enterprise from extinction: http://www.saveenterprise.com

GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!