Sure, If you're going to use the default http auth mechanism, then use SSL.
if the URL is https:// something then it's all encrypted. (ok, unless you do something really odd with the server config). Note that the 'password window' is something your browser displays - once it's got the password it will usually post that password in a header in every subsequent request to the same domain name. If you're not planning on using SSL (one would then ask why you posted the question to modssl-users....) then consider using mod_auth_digest. Potts, Ross A. wrote: >Is there a way to encrypt the login window That I get when I want to reach >restricted areas? I have the password file setup and can log in, but I >understand that the password is sent in plaintext. I didn't see much in the >way of documentation about this. >______________________________________________________________________ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
