homepage Welcome to WebmasterWorld Guest from 54.198.130.203
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Apache2 security bypassed with windows mobile?
Apache2 config settings and security
savantbrian




msg:4532162
 3:05 pm on Dec 31, 2012 (gmt 0)

I'm hoping someone can help me with this.
I've set my pc up as a web server (debian wheezy, apache2,) created a web site and restricted access to some folders with a password.
Everything works fine until one day I tried to access the restricted folders with my old Dell PDA running windows mobile and found I could gain access without a userid or password.
I have the following .htacess file entries:
AuthType Basic
AuthUserFile /etc/apache2/.htpasswd
AuthName "Enter password"
Require valid-user
+++++++++++++++++++++++
In the apache2.conf

<Directory /var/www/private>
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride All
</Directory>

Any ideas please.
Thanks, Brian.

 

mack




msg:4532165
 3:24 pm on Dec 31, 2012 (gmt 0)

Had you accessed those directories in the past using the same device?

Mack.

savantbrian




msg:4532166
 3:30 pm on Dec 31, 2012 (gmt 0)

Hi mack,

I don't think so, but I did think of that and deleted all history, cookies and internet files just in case.

Thanks

savantbrian




msg:4532170
 3:48 pm on Dec 31, 2012 (gmt 0)

Ok I think I've found the problem thanks to the tip from mack.
I seems that windows mobile stores passwords in the registry. My memory not as good as it used to be so I'm guessing I must have accessed the site in the past and forgotten about it. Windows Mobile doesn't let you know its using a stored password
Thanks for memory jogger.
Cheers, Brian

phranque




msg:4532247
 10:43 pm on Dec 31, 2012 (gmt 0)

welcome to WebmasterWorld, Brian!

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved