2013-06-19 19:09
浏览 15


I'm working on a website in which I -as an admin- need to be able to access a PHP script that no one else can. Building a whole login system with accounts would be overkill in this case, as I would be the only one using it.

So my question is, how can I create a very basic yet secure authentication system?

Given that I have an Apache HTTP Server, can I use the .htaccess file to forbid access to certain PHP files and ask for a certain combination of username/password?

图片转代码服务由CSDN问答提供 功能建议

我正在开发一个网站,我可以通过该网站访问 PHP 脚本,没有其他人可以。 在这种情况下,使用帐户构建一个完整的登录系统会有点过分,因为我是唯一使用它的人。

所以我的问题是,如何创建一个非常基本但安全的身份验证 系统?

鉴于我有一个 Apache HTTP Server ,我可以吗? 使用 .htaccess 文件禁止访问某些PHP文件和 要求用户名/密码的某种组合?

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

3条回答 默认 最新

  • duanjuebin2519 2013-06-19 19:14

    Yes you can use Basic Auth with .htaccess see:

    And yes, you can define that only 1 file is asking for Username/Password.

    Little example e.g. for file "secure.php"

    <Files secure.php>
      AuthType basic
      AuthName "Need Login"
      AuthUserFile /path/to/.htusers
      Require valid-user
    解决 无用
    打赏 举报

相关推荐 更多相似问题