[thelist] how secure is htauth

Joxn joxn at vernum.com
Mon Oct 23 09:58:09 CDT 2000

Hi everybody,
I want to keep my admin scripts in a secure directory on my server.
Therefore, I set up the "AuthType Basic" in my httpd.conf.
Now I wonder: how secure is this?

Sure, I know the saying "If you don't want anybody to see it, don't put
it online." But these are my admin scripts that need to be run from a
browser and I don't care *that* much if you can hack it - at least if it
takes longer than 10 min. ;)
I'm not the Pentagon.

I'm jsut curious if there are known bugs in Apache/1.3.12 (on a ReHat
box) or knows hacks that would make it too easy.

   || //\\ \\// |\\||  ::  joxn at vernum.com  ::
 \\|| \\// //\\ ||\\|  ::      8053703      ::

More information about the thelist mailing list