search for: htdigest

We have several web applications deployed under Apache that require a user id / password authentication. Some of these use htdigest and others use the application itself. Recently we have experienced several brute force attacks against some of these services which have been dealt with for the nonce by changes to iptables. However, I am not convinced that these changes are the answer. Therefore I have been looking at http pro...

CentOS-6.5 httpd-2.2.15 (centos) I am trying to understand how directory access control works in Apache-2.2. Does a means exist to revoke access in a subdirectory if access has been granted in a higher one? We restrict access to the entire site via htdigest but some directories are need to be further restricted by the group a user is assigned to. I have this situation: <Directory /> AuthType Digest AuthName ca.harte-lyne AuthDigestDomain / AuthDigestProvider file AuthUserFile /etc/httpd/access.d/.htdigest AuthGroupFi...

Will shortly be deploying first iteration of app to some beta testers (i.e. friends), and want them to be able see it both from logged-in view and guest (i.e. not logged-in) view. The two are a fair bit different. It''s a closed beta, so (hopefully) no pages (other than a blank login page) will be visible. The question is, what''s the best way for them to be able to see (and

...2 ========== We enable webdav on these sites for the client to be able to upload files. And for this we use the apache settings: AuthDigestProvider file AuthUserFile /somefilesomewhere Which means that we need to create /somefilesomewhere and populate it using invocations of "htdigest realm username" (which will ask for a password and store a hash of it in the file it seems). It would be nice if I can specify a list of domains somewhere, and a list of users elsewhere, stating which users belong to which domains. (A particular user possible belonging to more than one domain...

...andir}/man8/suexec* %{_mandir}/man8/apachectl.8* %{_mandir}/man8/httpd.8* %{_mandir}/man8/htcacheclean.8* %{_mandir}/man8/fcgistarter.8* %files manual %defattr(-,root,root) %{contentdir}/manual %{contentdir}/error/README %files tools %defattr(-,root,root) %{_bindir}/ab %{_bindir}/htdbm %{_bindir}/htdigest %{_bindir}/htpasswd %{_bindir}/logresolve %{_bindir}/httxt2dbm %{_sbindir}/rotatelogs %{_mandir}/man1/htdbm.1* %{_mandir}/man1/htdigest.1* %{_mandir}/man1/htpasswd.1* %{_mandir}/man1/httxt2dbm.1* %{_mandir}/man1/ab.1* %{_mandir}/man1/logresolve.1* %{_mandir}/man8/rotatelogs.8* %doc LICENSE NOTICE...

I''ve just started creating a web application with approx. 100 tables. Possibly more. Oracle is the DB. There exists a legacy schema I that i will use some of. So far i have created a small bit of the app, approx 10 tables. Im using webrick on my local machine. The Oracle DB is on its own server. My boss has noticed that its not really that zippy, there is a small delay between