On Monday 20 May 2002 19:27, Potts, Ross A. wrote: that's right.
> Actually, I am planning on having a fully https:// site. But, I still want > to restrict certain reports directories. So, let me see if I understand... > Once I am connected via SSL, then the password sent (after getting the lock > icon on the bottom) will also be encrypted? > > -----Original Message----- > From: Peter Viertel [mailto:[EMAIL PROTECTED]] > Sent: Monday, May 20, 2002 1:04 PM > To: [EMAIL PROTECTED] > Subject: Re: Password protected access > > > Sure, > > If you're going to use the default http auth mechanism, then use SSL. > > if the URL is https:// something then it's all encrypted. (ok, unless > you do something really odd with the server config). > > Note that the 'password window' is something your browser displays - > once it's got the password it will usually post that password in a > header in every subsequent request to the same domain name. > > If you're not planning on using SSL (one would then ask why you posted > the question to modssl-users....) then consider using mod_auth_digest. > > Potts, Ross A. wrote: > >Is there a way to encrypt the login window That I get when I want to reach > >restricted areas? I have the password file setup and can log in, but I > >understand that the password is sent in plaintext. I didn't see much in > > the > > >way of documentation about this. > >______________________________________________________________________ > >Apache Interface to OpenSSL (mod_ssl) www.modssl.org > >User Support Mailing List [EMAIL PROTECTED] > >Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- e-admin internet gmbh Andreas Gietl Ludwig-Thoma-Strasse 35 93051 Regensburg tel +49 941 3810884 fax +49 941 3810891 mobil +49 171 6070008 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]