| 137 | | For better security, it is recommended that you either enable SSL or at least use the “Digest” authentication scheme instead of “Basic”. Please read the [http://httpd.apache.org/docs/2.0/ Apache HTTPD documentation] to find out more. |
| | 137 | For better security, it is recommended that you either enable SSL or at least use the “Digest” authentication scheme instead of “Basic”. Please read the [http://httpd.apache.org/docs/2.0/ Apache HTTPD documentation] to find out more. For example, on a Debian 4.0r1 (etch) system the relevant section in apache configuration can look like this: |
| | 138 | {{{ |
| | 139 | <Location "/trac/login"> |
| | 140 | LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so |
| | 141 | AuthType Digest |
| | 142 | AuthName "trac" |
| | 143 | AuthDigestDomain /trac |
| | 144 | AuthUserFile /somewhere/trac.htpasswd |
| | 145 | Require valid-user |
| | 146 | </Location> |
| | 147 | }}} |
| | 148 | and you'll have to update your .htpasswd file as follows: |
| | 149 | {{{ |
| | 150 | # htdigest /somewhere/trac.htpasswd trac admin |
| | 151 | }}} |
| | 152 | where the "trac" parameter above is the same as AuthDigestDomain above and "admin" is the user you previously created with the htpasswd command. |
