Welcome to WebmasterWorld Guest from 50.17.5.36

Forum Moderators: bakedjake

Message Too Old, No Replies

Apache2 security bypassed with windows mobile?

Apache2 config settings and security

     
3:05 pm on Dec 31, 2012 (gmt 0)

New User

joined:Dec 31, 2012
posts: 4
votes: 0


I'm hoping someone can help me with this.
I've set my pc up as a web server (debian wheezy, apache2,) created a web site and restricted access to some folders with a password.
Everything works fine until one day I tried to access the restricted folders with my old Dell PDA running windows mobile and found I could gain access without a userid or password.
I have the following .htacess file entries:
AuthType Basic
AuthUserFile /etc/apache2/.htpasswd
AuthName "Enter password"
Require valid-user
+++++++++++++++++++++++
In the apache2.conf

<Directory /var/www/private>
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride All
</Directory>

Any ideas please.
Thanks, Brian.
3:24 pm on Dec 31, 2012 (gmt 0)

Moderator from GB 

WebmasterWorld Administrator mack is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:June 15, 2001
posts:7557
votes: 3


Had you accessed those directories in the past using the same device?

Mack.
3:30 pm on Dec 31, 2012 (gmt 0)

New User

joined:Dec 31, 2012
posts:4
votes: 0


Hi mack,

I don't think so, but I did think of that and deleted all history, cookies and internet files just in case.

Thanks
3:48 pm on Dec 31, 2012 (gmt 0)

New User

joined:Dec 31, 2012
posts:4
votes: 0


Ok I think I've found the problem thanks to the tip from mack.
I seems that windows mobile stores passwords in the registry. My memory not as good as it used to be so I'm guessing I must have accessed the site in the past and forgotten about it. Windows Mobile doesn't let you know its using a stored password
Thanks for memory jogger.
Cheers, Brian
10:43 pm on Dec 31, 2012 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:10542
votes: 8


welcome to WebmasterWorld, Brian!