How to update the password from Web Page

Anon

Hi,

Actually i have created a one directory in linux apache webserver.For that i want an authentication for that directory. when i am updating password from my console its successfully updated..same command is not working from php script .why is it so.
this is the command here.

/usr/bin/htpasswd -b /dir/filename usrname passwd

can you help me any one in the same.i am very greatful to you if you can help me.

ThankQ In Advance,
Tulasi

[deleted]

the htpasswd program must be executable to the apache user.

Note: this is very very VERY bad practice.

bdbush

Right. Check what user and group your apache server is running under and check that is has permissions to execute htpasswd.

Typically, for security reasons, apache is run as "nobody".

By allowing apache to execute htpasswd, you have inadvertently given all users on the server a way to add themselves to your secure site.

For instance, If you are able to create a web page in your home directory - /home/me/public_html/
Then you could write a php script that runs the htpasswd app even if you have no personal access to it.

--brian