.htaccess or OS related?
odhiambo at gmail.com
Mon Jul 7 12:59:00 UTC 2008
I wonder whether the hosting provider will let the OP install
mod_whatever, even, if he could not be allowed to use htpasswd.
On 7/7/08, Bill Moran <wmoran at potentialtech.com> wrote:
> In response to "Jos Chrispijn" <jos at webrz.net>:
>> I ran into a problem last night that I was able to solve, but generated a
>> I have this hosting provider (uses Debian OS) on which I can't use
>> to generate user and password to protect a single file.
>> To have this done I solved it as follows: did a htpasswd on my own server
>> (FreeBSD 7) and simply copied the file with the user:password (scrambled)
>> my home directory I have with this hosting provider and referred in the
>> .htaccess to it. And now comes the fun stuff: it worked without probs.
>> So the algorithm that is used on FreeBSD to scramble a user password is
>> same as it is used by Debian? Isn't that a security gap?
> The algorithm is part of Apache and has little or nothing to do with
> the OS on which it runs.
> And the encryption used to store passwords in .htaccess files is known
> to be weak. If you need something strong, look to one of the other mod_*
> security packages instead of .htaccess passwords.
> Bill Moran
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
Sent from Google Mail for mobile | mobile.google.com
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
"Oh My God! They killed init! You Bastards!"
--from a /. post
More information about the freebsd-questions