LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page apache directory security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-17-2004, 06:51 AM   #1
steve_babbage
LQ Newbie
 
Registered: Jul 2003
Location: Australia
Distribution: redhat9
Posts: 23

Rep: Reputation: 15
Unhappy apache directory security

Hi,

I am running apache on redhat 9.

I have set up some simple directory acces where a password file, and users file is used to only allow visitors access to /www/html/ on my server.
The /cgi-bin/ is locked out as forbidden, as is the htaccess stuff.

Basically, when a person goes to www.mycompany.com/forum/index.php they get asked for a username and password combo.
IE, a small dialogue box comes up in the IntExpl browser.
Once entered correctly, they get the index.php page displayed correctly.

OK. On that same page, there is a "log on" box with a username and password field, and a 'login' button. (This needs a different un/password combination)

When they give this info and press login, the apache server for some reason askes the user again for the username and password combo as in when they first came to the site? in other words, IE brings up another dialgoue box. If they type it, they get in.
Is this because my PHP files are in another directory?

How do i make it so they only type the username and password once for the site, and once for the php login?

Is this a session thing when browsing??

Steve
 
Old 02-20-2004, 01:15 PM   #2
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Rep: Reputation: 52
Quote:
When they give this info and press login, the apache server for some reason askes the user again for the username and password combo as in when they first came to the site? in other words, IE brings up another dialgoue box. If they type it, they get in.
Is the index.php calling a file in a different directory but in the same path? Try moving the rest of the php files to a completely different location.

-twantrd
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache Directory Listing Of NFS Mount, cannot view directory list via apache luqmana Linux - Networking 2 12-19-2005 06:03 AM
RedHat Enterprise 3 directory security from Windows Fillys6 Linux - Networking 3 06-03-2005 08:08 AM
sgid/directory security connman Linux - Security 2 04-15-2004 11:42 AM
Directory security issue malcie Linux - Newbie 4 07-18-2003 07:10 AM
Apache directory security cli_man Linux - Security 2 10-14-2002 05:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:17 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration