[linux-help] web server security
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
I finally sat down and learned how to set up htaccess and htpasswd for
password protecting web pages. While it shouldn't have surprised me, I
hadn't realized that since the web server would have to read the web pages
AND the password files, all these files must have 644 permissions. This is
not good, since anyone with access to the system can access the supposedly
password protected web pages!
Are there an alternative way to set this up to make it more secure? Are
there any alternatives to htaccess for protecting web pages?
Thanks,
John
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
- [linux-help] web server security,
John Reinke <=
|
|