diroussel Posted June 3, 2009 Report Share Posted June 3, 2009 I read the Hardening Wordpress article and thought I'd use digest authentication to protect my /blog/wp-admin area of wordpress. I created a password file using htdigest, then added the following to /blog/wp-admin/.htaccess AuthType Digest AuthName "dvae.net" AuthDigestAlgorithm MD5 AuthDigestDomain http://mydomain.net/blog/wp-admin/ AuthDigestProvider file AuthUserFile /home/dvaenet/apache-auth/auth.digest Require valid-user This kinda works, but it's not right. In Safari 3: I'm prompted for my password for every page load. If I remove the then I get prompted for every resource. In Firefox 3: I get the password prompt, but my password doesn't work. Any idea what I'm doing wrong? I've setup up basic auth and digest auth before, but on Apache on Windows. When Litespeed says it's apache compatible - what version of apache does that mean? David Quote Link to comment Share on other sites More sharing options...
Tony Posted June 3, 2009 Report Share Posted June 3, 2009 This seems to be wrong: AuthDigestDomain http://mydomain.net/blog/wp-admin/ But you could just be removing your domain from the example. But just a bit above you still have your domain there so I'm a little lost. I suggest making a ticket so that we can take a look it should work fine. Quote Link to comment Share on other sites More sharing options...
diroussel Posted June 3, 2009 Author Report Share Posted June 3, 2009 Ah, yes, I was trying to remove my domain name, but made a school boy error. Your remark sparked me to try changing to: AuthDigestDomain /blob/wp-admin and now it works! Yay, thanks Tony. Not sure why an absolute URL didn't work where a relative one did though. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.