Is using Apache Basic Auth with enforced SSL good enough to secure internal-only sites that must be publicly accessible? I know that there are more advanced Apache authentication protocols such as Digest, but I'm not sure if it's really necessary to implement something so complicated when a standard Basic Auth does the trick.
Asked
Active
Viewed 2,349 times
1
-
1This previous posting has a good explanation: http://stackoverflow.com/questions/20910207/is-apache-digest-authentication-more-secure-or-than-basic-or-not – AnotherGuest Jun 15 '16 at 18:34
-
Thanks man! I guess I'm sticking with Basic Auth then, since I have it secured with SSL. No point in fixing it if it's not broken. ᕕ(ᐛ)ᕗ – Felix Jen Jun 16 '16 at 16:14