Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 11
Hi, The password protection works great for the web pages but noticed that the page(s) don't really time out if an EMP leaves the web page open over an extended ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2003
    Location
    Seattle
    Posts
    37

    Re: the password protected web pages, Can they be timed out?


    Hi,
    The password protection works great for the web pages but noticed that the page(s) don't really time out if an EMP leaves the web page open over an extended amount of time. Can the .htaccess file actually be set to force the user to relogin to the password protected directory(s) and pages?

    Regards,
    mtsal

  2. #2
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    That's not really how it works. The server doesn't cache that type of login at all. The reason why it doesn't time out is because the client (a.k.a. web browser) is caching the login data (including the password). Therefore, there isn't a server-side way to do that unless you want to reimplement the entire thing in PHP (or the like) instead.

  3. #3
    Just Joined!
    Join Date
    May 2003
    Location
    Seattle
    Posts
    37

    Thanks.

    I thought that there might be a directive that could be set to a time limit or so. Thanks for the explanation.

  4. #4
    Linux User
    Join Date
    May 2003
    Location
    CA
    Posts
    370
    so timeout functionality cannot be implemented on the server side if using Apache?
    Fixing Unix is better than working with Windows.
    http://nikhilk.homedns.org/projects/index.html

  5. #5
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    It cannot be implemented on any server, in fact, since the information is cached solely on the client. The server, whatever software it might be running, doesn't have any control over it.

  6. #6
    Linux Engineer
    Join Date
    Dec 2002
    Location
    New Zealand
    Posts
    766
    are u using cookies for authetication or just straight login then go nuts. With any sort of cookie setup u can limit the seesion time to say 20mins, then they will have to log in again if they leave the page for 20 mins

  7. #7
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    Yes, but HTTP "Basic authentication" doesn't use cookies. That is why I said that reimplementing it with PHP session control would help solve the problem, since that would use cookies.

  8. #8
    Just Joined!
    Join Date
    May 2003
    Location
    Seattle
    Posts
    37
    Hey Dold2000,
    Was impressed with an info.php file you scripted at a different posting. I'd like to borrow it if I may for some brief security testing on some of our pcs that contain external addresses? What all do I require to get it working?

    mtsal

  9. #9
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    I think that the PHP file probably isn't the best way to do that, since all it does is call some shell commands to get the actual info. The reason I made it into PHP was to show that a web page could do that.

    What exactly is it that you want to do? If it is the port scanning that you're interested in, all I used for that was nmap, which comes with many distributions. Just run "nmap <ip address or hostname>" to scan someone. To scan for the operating system as well, run "nmap -O <address>".

  10. #10
    Just Joined!
    Join Date
    May 2003
    Location
    Seattle
    Posts
    37
    We do manual nmaps but thought it would be convenient to do some our scans by just typing in the link. I gave it a whirl just a few minutes ago but, all we came up with was a blank page. The development server is php capable and is currently running some internal php web pages. Why is the page turning up blank though and not working as jubilently as it does on your site?

    mtsal

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •