strange place for the .htpasswd

K

kark

Verified User
Joined
Jan 8, 2004
Messages
39
I made a protected directory for the admin site and was curious how DA would build this.

I protected a directory (test) in the private_html. I could find the .htaccess in the directory "test". Great, that's logical. But to my surprise the .htpasswd is written to:
/home/name/domains/domain.ext/.htpasswd/private_html/test/.htpasswd ?

It is working great so I'm not complaining. I just can't follow the logic here. Who can shine his/her light on this ?!

Thanks,
Kark
 
You have to put it outside the www directory otherwise it's world wide accesible. This way it's only accesible from the server itself and nobody can download the .htpasswd file and crack it.

In my bad times I cracked some passwords and got into sites I wasn't supposed too ;)
 
You must log in or register to reply here.
Back
Top