logging .htaccess Basic auth attempts

Client Joined: Jan 29, 2004 Posts: 624

I came across this interesting article about logging with PhP .htaccess and ..htpasswd Basic auth login attempts [ Only registered users can see links on this board! Get registered or login! ]
I'd like to add this to my admin tools but I'm not sure how to set it up so I'd appreciate insite.

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Since I am not familiar with it (until now) I don't think I can offer any insight beyond what the article does. Is there something specific that you have a question?

Posted: Mon Mar 10, 2008 5:17 pm

Specific? Well, the part

Code:




$password=base64_decode(str_replace('Basic ','', $_SERVER['HTTP_AUTHORIZATION']));


echo $password;

below

Quote:

This is the php code you can use to show the decrypted password that was sent by the client.

would go where. I think this is a good idea and I'm gonna try and set it up.

Posted: Mon Mar 10, 2008 5:27 pm

According to the article

Quote:

1. create a file called login.php in your /cgi-bin/ and copy to /

Posted: Mon Mar 10, 2008 5:36 pm

If you have access to webalizer (stats program), I believe it also logs logins and passwords for you.

Posted: Mon Mar 10, 2008 6:29 pm

OK thanks Raven

I have access to webalizer, Gremmie, I just like to fool around with .htaccess and the like.