Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How Secure are Apache Passwords

Status
Not open for further replies.
Nutthick

Nutthick

MIS
Jan 14, 2004
126
GB
I'm thinking about using Apache to handle some sensitive data, and protect it by using the Apache Username and Password system. How secure is the setup? Can is be easily hacked? Does anyone know anything about it?

Thanks
 
Sort by date Sort by votes
I recommend that you not use Basic authentication but rather Digest authentication as the latter is more secure. See for more information.

Keep in mind, too, that since HTTP is stateless, the browser has to keep track of a lot of information. If the user has logged in to your site, the browser will remember the user's credentials until the browser is shut down. Also, many modern browsers will offer to permenantly remember passwords for the user.

You might also think about using HTTPS.




Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
How Do I Start/Stop Systemd Services as a non-root User?
Replies
2
Views
639
gbaughma
gbaughma
AbidingDude
  • Locked
  • Question
Newbie Apache Cache Question
Replies
5
Views
322
AbidingDude
AbidingDude
daniel.warner
  • Locked
  • Question
Desperately need help setting up wildcard certs on Apache/Tomcat
Replies
2
Views
229
daniel.warner
daniel.warner
Frank DBA
  • Locked
  • Question
Apache XForwardedFor Header
Replies
1
Views
165
RhythmAce
RhythmAce
johngiggs
  • Locked
  • Question
Apache RewriteRule or RewriteCond
Replies
4
Views
206
feherke
feherke

Part and Inventory Search

Sponsor

Back
Top