Semisecure Login Reimagined
Prior to WordPress 2.5, I’d been using a plugin called Semisecure Login. This plugin would encrypt your password when logging in via a one-way md5 hash and compare this to your password’s md5 hash on the server side (prior to WordPress 2.5 passwords were stored in the database as md5 hashes). A nonce was thrown in for good measure to help prevent replay attacks. This, effectively, provided a “semisecure” …
read onHow To Unprotect A Folder In Apache
The Apache HTTP web-server makes it easy to protect a folder (and its sub-folders) with a username/password prompt. Simply create a .htaccess file in the specified folder, and add something like this:
AuthName "Folder Protection" AuthUserFile /path/to/.htpasswd AuthGroupFile /dev/null AuthType Basic Require valid-user
For help with generating a valid .htpasswd file, you can use a tool like Dynamic Drive’s .htaccess Password Generator. There are plenty of tutorials online that explain this process.
On the other hand, …
read on