137 | | For better security, it is recommended that you either enable SSL or at least use the “Digest” authentication scheme instead of “Basic”. Please read the [http://httpd.apache.org/docs/2.0/ Apache HTTPD documentation] to find out more. |
| 137 | For better security, it is recommended that you either enable SSL or at least use the “Digest” authentication scheme instead of “Basic”. Please read the [http://httpd.apache.org/docs/2.0/ Apache HTTPD documentation] to find out more. For example, on a Debian 4.0r1 (etch) system the relevant section in apache configuration can look like this: |
| 138 | {{{ |
| 139 | <Location "/trac/login"> |
| 140 | LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so |
| 141 | AuthType Digest |
| 142 | AuthName "trac" |
| 143 | AuthDigestDomain /trac |
| 144 | AuthUserFile /somewhere/trac.htpasswd |
| 145 | Require valid-user |
| 146 | </Location> |
| 147 | }}} |
| 148 | and you'll have to update your .htpasswd file as follows: |
| 149 | {{{ |
| 150 | # htdigest /somewhere/trac.htpasswd trac admin |
| 151 | }}} |
| 152 | where the "trac" parameter above is the same as AuthDigestDomain above and "admin" is the user you previously created with the htpasswd command. |