Return-Path: 
 <users-return-61163-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 59304 invoked from network); 14 Mar 2006 15:49:54 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 14 Mar 2006 15:49:54 -0000
Received: (qmail 39716 invoked by uid 500); 14 Mar 2006 15:49:45 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 39543 invoked by uid 500); 14 Mar 2006 15:49:44 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 39532 invoked by uid 99); 14 Mar 2006 15:49:44 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Mar 2006 07:49:44 -0800
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: domain of kjalleda@gmail.com designates
 64.233.182.193 as permitted sender)
Received: from [64.233.182.193] (HELO nproxy.gmail.com) (64.233.182.193)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Mar 2006 07:49:43 -0800
Received: by nproxy.gmail.com with SMTP id d4so1050944nfe
        for <users@httpd.apache.org>; Tue, 14 Mar 2006 07:49:22 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=maNKvjHzndaJBMeMIjvn8TWiIVpLgUJGVBBlLN5D3jkzU39wwLX8yQofFHxjb5/xMp+EGAgpQhznOyHQbQDkMzh/8ss3tumMK5mLGvSmOw3KS2WxMhzPzFHY/YZN6kWJtrxnEU+VnXL+D9ulF4Uq/UdaKBdu8dScMEPdaScVI8U=
Received: by 10.49.39.4 with SMTP id r4mr2234130nfj;
        Tue, 14 Mar 2006 07:49:17 -0800 (PST)
Received: by 10.49.31.9 with HTTP; Tue, 14 Mar 2006 07:49:17 -0800 (PST)
Message-ID: <78aaf6710603140749h78fb0f5bq51d9383ed7c5dc73@mail.gmail.com>
Date: Tue, 14 Mar 2006 10:49:17 -0500
From: "Kishore Jalleda" <kjalleda@gmail.com>
To: users@httpd.apache.org
In-Reply-To: <619cf3c0603140743m4e82d95dx@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_5418_4940380.1142351357885"
References: <619cf3c0603140743m4e82d95dx@mail.gmail.com>
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: Re: [users@httpd] [newbie]Setting a secured apache server
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

------=_Part_5418_4940380.1142351357885
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

yes SSL would be your best bet, with .htaccess your passwords would be
travelling in plain text, so go for SSL...

Kishore Jalleda


On 3/14/06, Toto Capuccino <shoktai@gmail.com> wrote:
>
> Hi everyone,
>
> I am using a monitoring tool -nagios- that is running through a web
> interface where you can configure things. I really want avoid people from
> being able to log to that server or to know wich is coming in and out of =
the
> traffic. I am actually using authentication with .htaccess file. Is that =
the
> most secured authentication method ? Yes i know it is a naive question an=
d i
> am sure the answer is no, so i should ask which authentication method is =
the
> best?
> I want to strongly encrypt the traffic...should i use SSL for that ?
>
> Thanks for your info.
>
> --
> Le bon sens est la chose du monde la mieux partag=E9e.
>

------=_Part_5418_4940380.1142351357885
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

<div>yes SSL would be your best bet, with .htaccess your passwords would be=
 travelling in plain text, so go for SSL...</div>
<div>&nbsp;</div>
<div>Kishore Jalleda <br><br>&nbsp;</div>
<div><span class=3D"gmail_quote">On 3/14/06, <b class=3D"gmail_sendername">=
Toto Capuccino</b> &lt;<a href=3D"mailto:shoktai@gmail.com">shoktai@gmail.c=
om</a>&gt; wrote:</span>
<blockquote class=3D"gmail_quote" style=3D"PADDING-LEFT: 1ex; MARGIN: 0px 0=
px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div style=3D"DIRECTION: ltr">Hi everyone,<br><br>I am using a monitoring t=
ool -nagios- that is running through a web interface where you can configur=
e things. I really want avoid people from being able to log to that server =
or to know wich is coming in and out of the traffic. I am actually using au=
thentication with .htaccess file. Is that the most secured authentication m=
ethod ? Yes i know it is a naive question and i am sure the answer is no, s=
o i should ask which authentication method is the best?=20
<br>I want to strongly encrypt the traffic...should i use SSL for that ?<br=
><br>Thanks for your info.<br clear=3D"all"></div>
<div style=3D"DIRECTION: ltr"><span class=3D"sg"><br>-- <br>Le bon sens est=
 la chose du monde la mieux partag=E9e. </span></div></blockquote></div><br=
>

------=_Part_5418_4940380.1142351357885--