[thelist] Apache Password Protection Tip

DESCHAMPS Stéphane DvSI/SICoR stephane.deschamps at francetelecom.com
Thu Jan 17 02:46:51 CST 2002


> You know how to password protect a directory using
> .htaccess/.htpasswd, but
> you don't like that default pop up box generated by the
> browser asking for
> name and password.
>
> Here's syntax to create a link to bypass that box and go
> directly into the
> protected directory:
>
> http://username:password@http://www.domain.com/protected_folder.

If you want some security I'd avise against it: look at the history of your
browser and see the URL plainly displayed. Then imagine that all routers
this URL has been through have the URL clearly readable too...

I prefer an ugly password dialog box, myself.

Or better I use [insert your favorite server-side language here] to have
something really nice to manage the login/passwords gracefully.

s t e f [ n o t a - b e n e . o r g ]





More information about the thelist mailing list