Page 1 of 1

Require password for non-localhost connections

Posted: Tue Oct 24, 2006 7:46 pm
by Ambush Commander
How would I configure Apache to allow connections not from 127.0.0.1 but require a password (while for connections from 127.0.0.1 not require a password)?

Posted: Tue Oct 24, 2006 8:32 pm
by volka

Posted: Tue Oct 24, 2006 8:49 pm
by Ambush Commander
That would do it, but I've decided against making my entire local webserver public since HTTP authentication passwords are easily sniffed and should be avoided.

Posted: Tue Oct 24, 2006 9:18 pm
by volka
Ambush Commander wrote:since HTTP authentication passwords are easily sniffed and should be avoided.
There's no need to use basic authentication, there are other options.

Posted: Tue Oct 24, 2006 9:22 pm
by Ambush Commander
Are you referring to Digest? Seems half-baked.

Oh, and I have to use Apache's access control mechanisms because I'm using it to make my local SVN server available remotely.

If I was smart, I'd get SSL working, but it's been a pain so far.