[pavin]

hey guys can we set a password security that prompt for user id and password in windows. I am using apache 2.40 version in windows xp. If it is possible can you give me some example to test out.
Thanks :)

[JustAsFire]

do you mean a login promt?

[SkitZZ]

any apache web server will support .htaccess and you can set passwords protecting folders and more ;)

.htaccess tutorial
.htaccess password encrypter

SkitZZ

[DarkRider]

// BEGIN .htaccess by DarkRider
	if (!isset($_SERVER['PHP_AUTH_USER'])) { 
  header('WWW-Authenticate: Basic realm="Restrict Access!"'); 
  header("HTTP/1.0 401 Unauthorized"); 
  exit; 
	} else { 
  $userinf=$DB_site->query_first("SELECT user.password,user.userid,user.salt FROM user WHERE username='$_SERVER[PHP_AUTH_USER]'"); 
	} 
	$salt = $userinf['salt']; 
	$pass = $userinf['password']; 
	$userp = md5(md5($_SERVER['PHP_AUTH_PW']) . $salt); 
         
	if ($pass != $userp) { 
  header('WWW-Authenticate: Basic realm="Restrict Access!"'); 
  header('HTTP/1.0 401 Unauthorized'); 
  exit;
	} 
	// END .htaccess by DarkRider
}

This is a nice option too ;)

[pavin]

as far as i learn i knew that
- need to create a file name .htaccess
- need to code it with the script
- need to make another file .htpasswd

Is this sufficient and is this code enough for security reason

AuthName "Section Name"
AuthType Basic
AuthUserFile /full/path/to/.htpasswd
Require valid-user

also how can we make directory viewing off in apache. i Think it can be done in its configuration file or am i wrong.

Thanks

[gogu258]

Try to modify httpd.conf with .htaccess as htaccess.hmt or whatever. Also you could try to open an htaccess.txt file with notepad and save it as .htaccess.
Remember Apache2 is much different than Apache 1.3.x.