Security Basics mailing list archives
Re: Web Authentication
From: Nick Owen <nickowen () mindspring com>
Date: Fri, 21 Jul 2006 12:54:04 -0400
pimp mastermind wrote:
I have Slackware 10.1 runing. I am using it as a router and fileserver. I use Apache 1.3 for web access. I have some web directories which i want to secure more strongly than with htpasswd but i dont know any other ways of authentication. Also a lot of my scripts in those directories are wirted in PHP Perl and CGI scripting. I need to find a better way of authentication? Does any one knows any better way of authentication? Thank you all in advance for your help
You should be able to easily require different authentication mechanisms by using the various mod_auth_ tools and the directory or location directives. I just finished a doc on setting up apache to use mod_auth_radius and WiKID for two-factor authentication, which should help for any form of 2FA with apache: http://www.wikidsystems.com/howtos/how-to-add-two-factor-authentication-to-apache/ I would be happy if you tried the open source WiKID server. http://sourceforge.net/projects/wikid-twofactor/ You will find network client 'plugins' for PHP, ruby, python, etc on our sf.net site here: http://sourceforge.net/project/showfiles.php?group_id=144774 (sorry, no perl as of yet). hth, nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication https://www.linkedin.com/in/nickowen --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Web Authentication pimp mastermind (Jul 21)
- Re: Web Authentication Nick Owen (Jul 21)
- Re: Web Authentication Maxim Kostyukov (Jul 24)
- Re: Web Authentication Florian Streck (Jul 27)
- Re: Web Authentication pimp mastermind (Jul 31)
- Re: Web Authentication Florian Streck (Jul 31)
- Re: Web Authentication Florian Streck (Jul 27)
- Re: Web Authentication Emilio Casbas (Jul 28)
- <Possible follow-ups>
- RE: Web Authentication Kamran Iqbal (Jul 31)