My company wish to place a section of the intranet on our external server and only allow staff access.
They are happy with one password for all users which they will change every month so htaccess is probably a good option for this.
What they are worried about is security of this section, they are adamant they want it external so staff can access from anywhere but prevent it being hacked.
I've searched but not found an answer to htaccess password protection security. Could I ask some questions please?
1. Will htaccess password protection simply allow a user to brute force it or will it prevent access after say 3 failed tries?
2. Does it request the password on each visit or can we use cookies to remember a user (expires 30 days)
3. Is htaccess the best route for this or should I create a php login form?
Thanks
They are happy with one password for all users which they will change every month so htaccess is probably a good option for this.
What they are worried about is security of this section, they are adamant they want it external so staff can access from anywhere but prevent it being hacked.
I've searched but not found an answer to htaccess password protection security. Could I ask some questions please?
1. Will htaccess password protection simply allow a user to brute force it or will it prevent access after say 3 failed tries?
2. Does it request the password on each visit or can we use cookies to remember a user (expires 30 days)
3. Is htaccess the best route for this or should I create a php login form?
Thanks