Securing admin panel with htpasswd

roger_smith · 10-17-2015, 03:56 AM

(10-17-2015, 03:54 AM)dotcppfile Wrote: Wrong, this is where it got shit: https://www.sinister.ly/Thread-Leak-Hack...#pid546228

Anyways, I'm fine with it, let it be mate.

I guess we'll agree to disagree on that point as well then. I can't expend anymore energy on a 3rd argument with you today.

Cheers

The Real Slim Shady · 10-17-2015, 04:33 AM

.htpasswd is SHIT. No doubt about it. It's not stopping anyone with any real experience for very long.

That said - it's one added measure that doesn't HURT to add. It's not really going to make you any less secure, and it *might* make you a little more secure. Because quite frankly, if you're using shit like Wordpress and MyBB - you aren't a coder and you aren't writing secure code. you have no idea what someone is going to find or add in future updates. Preventing some noob from accessing a file or directory might be the difference between getting pwned by a script kiddie.

Both of you make good points. but they ARE NOT mutually exclusive.

Skull-Cruncher · 11-07-2015, 03:50 PM

htpasswd is a good layer of security. It could save your ass

Dismas · 11-08-2015, 08:34 PM

(11-07-2015, 03:50 PM)Skull-Cruncher Wrote: htpasswd is a good layer of security. It could save your ass

Bruteforcing can also wreck your ass.

Skull-Cruncher · 11-11-2015, 05:11 PM

(11-08-2015, 08:34 PM)Oni Wrote: Bruteforcing can also wreck your ass.

Just put a really long login for htpasswd lol