I'm trying to generate an .htpasswd file for use on my Sonic-hosted web site. Now that shell access has been removed, I'm using a remote web site to generate the .htpasswd contents (because there's no htpasswd on my Windows 11 system). At this remote site, I am able to choose the encryption algorithm for my password, but the only one of the provided choices that seems to be considered secure is Bcrypt. However, the web page tells me it's supported on Apache versions 2.4 or later and when I use this algorithm on my web site it fails. Only if I use an algorithm that is supposedly insecure ("Apache specific salted MD5") can I get my .htpasswd to work.
So, does this mean Sonic is running an earlier version of Apache than 2.4?
Or am I doing something wrong?
Thanks.
So, does this mean Sonic is running an earlier version of Apache than 2.4?
Or am I doing something wrong?
Thanks.
Statistics: Posted by mikefr — Fri Jan 03, 2025 7:09 pm