httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <>
Subject Re: [users@httpd] Strange .htaccess password behavior
Date Fri, 31 Jul 2009 21:03:21 GMT
On Fri, Jul 31, 2009 at 3:47 PM, Scott Yoshinaga<> wrote:
> Hi all,
> I was wondering if any of you have ever experienced a problem with .htaccess
> like the one I am experiencing. To be upfront, I am running a standard
> install of Mac OSX 10.5.7 with MacPorts and apache2/php5/mysql5 on a new
> Quad Core Xenon MacPro. Apache versionĀ 2.2.11
> When I access a password protected page, it will accept the correct username
> and password. This is normal. What isn't normal is that I can also get to
> the page by using the correct username and password with anything else at
> the end of it!
> for example:
> password: helloworld
> will allow access, but so will
> password: helloworldthisismoretext
> and anything else for that matter.
> Not sure what the problem is but i've done everything I can think of to get
> it NOT to work that way.
> I have another server running almost the same configuration and it doesn't
> have this issue at all.
> Have any of you see this?

crypt()-based passwords truncate to 8 characters.  You can probably
find lots of discussion about it with that extra keyword.

Eric Covener

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message