0

I was reading this How secure is .htaccess password protection? and reviewing the fact that one of my sites has the .htpasswd file in a web facing directory.

But, if the permissions on a .htpasswd file are correct (644), can it be accessed at all via a browser or any other means?

I guess the real question is whether or not I should follow the advice and move the .htpasswd to /home/user rather than /home/user/public_html

Community
  • 1
  • 1
Steve
  • 1,371
  • 1
  • 16
  • 38
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306) – jww Mar 25 '17 at 00:28
  • @jww it is so different from the quoted question, and that was acceptable (with over 80 votes for Q and A) wasn't it? – Steve Mar 25 '17 at 01:13
  • In fact, the most popular answer on https://meta.stackexchange.com/questions/134306/where-do-i-post-questions-about-dev-ops finishes with "DevOps questions should be allowed on Stack Overflow." – Steve Mar 25 '17 at 01:17
  • 1
    How is a security question not in scope for stack overflow? – Brian.H Dec 02 '22 at 02:28

0 Answers0