httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Greene Paul" <greene_p...@bah.com>
Subject Apache security
Date Fri, 15 Feb 2002 22:08:55 GMT
I'm new to Apache and just starting to dive into it, on both Linux and
OpenBSD platforms.

A few quick questions about Apache security;

Is there a way to configure the following requirements regarding
passwords?

-minimum password lengths (i.e. at least 8 characters)
-enforce password complexity requirements (mix of alpha-numeric
characters, plus special characters)
-expiration dates (i.e. "expire after 90 days")
-can users change their own passwords using htpasswd, through a web
interface (i.e. they don't have command shell access to the htpasswd
binary)

The files access_log, error_log, .htpasswd, and httpd.conf, all come
with default permissions of 644; can they be changed to 600 or 640
without breaking anything?

Thanks

Paul Greene

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message