[thelist] Apache Password Protection Tip
DESCHAMPS Stéphane DvSI/SICoR
stephane.deschamps at francetelecom.com
Thu Jan 17 02:46:51 CST 2002
> You know how to password protect a directory using
> .htaccess/.htpasswd, but
> you don't like that default pop up box generated by the
> browser asking for
> name and password.
>
> Here's syntax to create a link to bypass that box and go
> directly into the
> protected directory:
>
> http://username:password@http://www.domain.com/protected_folder.
If you want some security I'd avise against it: look at the history of your
browser and see the URL plainly displayed. Then imagine that all routers
this URL has been through have the URL clearly readable too...
I prefer an ugly password dialog box, myself.
Or better I use [insert your favorite server-side language here] to have
something really nice to manage the login/passwords gracefully.
s t e f [ n o t a - b e n e . o r g ]
More information about the thelist
mailing list