Results 1 to 3 of 3
  1. #1
    Join Date
    Jun 2004
    Bay Area -USA

    Do you think this is necessary?

    I have password protected an entire directory using .htaccess.

    The administrator scripts are in this directory and I was wondering if you think adding something like:

    if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
    //do stuff here

    would be nessesary or not. Would it add any extra security?
    <<< Please see Forum Guidelines for signature setup. >>>

  2. #2
    Depends how paranoid you are. It can't hurt, and could come in handy if the .htaccess file was accidentally erased for some reason (or if you move to another site and somehow don't copy the file, or whatever).

    Since it's so easy to add, I'd say why not add it.

  3. #3
    Just a comment:

    if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
    //do stuff here
    will not work when compiled as php-cgi module.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts