LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   htpasswd gets corrupted regularly (https://www.linuxquestions.org/questions/linux-security-4/htpasswd-gets-corrupted-regularly-139507/)

sukebe 01-28-2004 02:58 AM
htpasswd gets corrupted regularly
 
Hello,
my flat-text htpasswd file gets corrupted around every 10 days.
I've also tried the file as a dbm file, which did not resolve the problem.

My site also gets brute-forced heavily.

Is it possible that the brute-force attacks are corrupting the file? I heard that Linux will throttle back resources when the processor is on a heavy load, which might result in the corruption.

Other than that, I can only figure that the file is not always flocked when a routine is writing to the file, which I'm researching now.

Typically, the file gets truncated at some random position in the file.

thanks for any ideas,

Gordie

BlurredWeasel 01-28-2004 03:18 AM
Couple of quick ideas - try making it read only to EVERYBODY (so permissons of 444) - so that nobody can change it...this is assuming your web page doesn't change it. Second is to possibly use a different form of authentication - such as php (+mysql as needed) - it is a mite bit slower, but you'll be waiting for user input either way.

Have fun,
Chris


All times are GMT -5. The time now is 07:01 AM.