Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[tlug] apache mod_auth_digest
- Date: Sun, 1 Apr 2007 14:56:06 +0900
- From: "Hector Akamine" <akamine@example.com>
- Subject: [tlug] apache mod_auth_digest
Hello,
I am trying to set up mod_auth_digest in apache 2.2.3, in order to restrict access to a web server directory. My .htaccess file in the private directory contains something like the following:
AuthType Digest AuthName "private area" AuthDigestDomain /private/ AuthUserFile /var/www/html/private/.htdigest AuthDigestNonceLifetime 30 require user privuser
(my httpd.conf contains an "AllowOverride AuthConfig" declaration for the private directory)
1) How can I make the authentication expire after some time? It seems the AuthDigestNonceLifetime line does not make this happen (after I enter the password once, I have permanent access to the directory)
2) Is it a security problem to put the .htdigest file in the same private directory? The httpd.conf contains the following lines, but I don't know if that's enough:
# The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. <Files ~ "^\.ht"> Order allow,deny Deny from all </Files>
Thanks, Hector
- Follow-Ups:
- Re: [tlug] apache mod_auth_digest
- From: Keith Bawden
- Re: [tlug] apache mod_auth_digest
- Prev by Date: Re: [tlug] [OT] How is Akanbe expressed in English?
- Next by Date: Re: [tlug] how filesystem works?
- Previous by thread: Re: [tlug] [OT] How is Akanbe expressed in English?
- Next by thread: Re: [tlug] apache mod_auth_digest
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |