Note: A lot of updates to this plugin are in the works, so this plugin should be considered BETA... than them.
Adding .htaccess based HTTP Basic Authentication to your WordPress blog is such a smart thing to do and I'm trying to help make it easier for you. Mainly because it stops alot of automated hacking attempts and exploits from ever being attempted, thus cutting down on the number of requests, connections, and mysql queries for all WordPress blogs on the Internet.
Just download and extract the new plugin file to
wp-content/plugins/askapache-password-protect/ and activate it. It automatically deactivates and deletes previous versions.
Well, this is BETA for now, meaning it works but there are a lot of cool features I just didn't have time to include in this release. A lot of people were experiencing problems with the older version.
- TONS of error checking and compatibility checks. This plugin WONT break your server.
- Tests your servers ability to use .htaccess/.htpasswd files by setting them up in a temporary spot first and checking them. (ssl/https enabled)
- Determines which .htpasswd Encryption Algorithms that your server supports by testing each one.
- Provides all 4 htpasswd encryption formats that Apache explains
- Uses php to generate the encrypted hashes for all 4 encryption formats using portable code. Even has the apache-specific MD5!
- Allows you to specify and change the AuthName / Realm
- I made this upgrade fool-proof, just the way I like it.
Now hosted by WordPress.org
Known solutions to all the issues are in the works so prepare for the next release. In the meantime, the problem occurs because this version tries to save the encrypted htpasswd file ABOVE your document_root, obviously this isn't working very well for most wordpress users.
February 7th, 2008