Not that I ever use the basic http authentication...but in case I were to ever use it. Is there anything easy I can do to prevent from brute force attacks. The only thing I can think of is by using either a flat file or mysql database to keep attempts with ips/times. <br />If fact i use a mysql database for one of my sites for login attempts. <br /><br />Is there any other way?<!--content-->
There may be some way of doing it directly with Apache or some authentication module for it. I don't know any but it's possible, I guess.<br /><br />Otherwise, I'd do it like you described, with a PHP script, for example <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="" border="0" alt="smile.gif" /><!--content-->
so, I'm guessing tch doesn't protect cpanel from brute force attacks.<!--content-->
I don't know about that, someone from the Divine Powers division would have to answer that.<!--content-->
<!--QuoteBegin-section31+Oct 26 2004, 04:45 PM--><div class='quotetop'>QUOTE(section31 @ Oct 26 2004, 04:45 PM)</div><div class='quotemain'><!--QuoteEBegin-->so, I'm guessing tch doesn't protect cpanel from brute force attacks.<!--QuoteEnd--></div><!--QuoteEEnd--><br />I think it would be pretty hard to successfully brute-force an account, since many of the usernames are random characters.<br /><br />I would think that specifics of the security measures used in TCH (or any webserver) are unpublished because of security.<!--content-->
There may be some way of doing it directly with Apache or some authentication module for it. I don't know any but it's possible, I guess.<br /><br />Otherwise, I'd do it like you described, with a PHP script, for example <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="" border="0" alt="smile.gif" /><!--content-->
so, I'm guessing tch doesn't protect cpanel from brute force attacks.<!--content-->
I don't know about that, someone from the Divine Powers division would have to answer that.<!--content-->
<!--QuoteBegin-section31+Oct 26 2004, 04:45 PM--><div class='quotetop'>QUOTE(section31 @ Oct 26 2004, 04:45 PM)</div><div class='quotemain'><!--QuoteEBegin-->so, I'm guessing tch doesn't protect cpanel from brute force attacks.<!--QuoteEnd--></div><!--QuoteEEnd--><br />I think it would be pretty hard to successfully brute-force an account, since many of the usernames are random characters.<br /><br />I would think that specifics of the security measures used in TCH (or any webserver) are unpublished because of security.<!--content-->