- Nov 20, 2010
- 1,487
- 1
- 81
Hi all,
At the moment i have a website (with nothing on it) hosted on a RaspberryPi at home using debian and apache2. I have two virtual hosts setup. One on port 80 which is just a static website for fun and another on port 443 with a self signed SSL certificate where i'm storing a few downloads i want to share with select people.
The SSL secure website is username and password protected with Apaches inbuilt authorization system (not using .htaccess, but put the code right into the virtual host) so that that username and logon won't be sent in clear text. The goal is to keep out normal people and the common hacker. so i'm wondering if a password protected folder served up by apache over SSL is safe enough for a few private downloads?
the .htpasswd file is of course stored in a folder that isn't served up by apache.
Is it secure enough?
Thank you.
At the moment i have a website (with nothing on it) hosted on a RaspberryPi at home using debian and apache2. I have two virtual hosts setup. One on port 80 which is just a static website for fun and another on port 443 with a self signed SSL certificate where i'm storing a few downloads i want to share with select people.
The SSL secure website is username and password protected with Apaches inbuilt authorization system (not using .htaccess, but put the code right into the virtual host) so that that username and logon won't be sent in clear text. The goal is to keep out normal people and the common hacker. so i'm wondering if a password protected folder served up by apache over SSL is safe enough for a few private downloads?
the .htpasswd file is of course stored in a folder that isn't served up by apache.
Is it secure enough?
Thank you.
Facebook
Twitter