Automated security for apps that matter
Sqreen monitors your application security and helps you easily protect it from common vulnerabilities or advanced attacks.




Automated security for apps that matter
Sqreen monitors your application security and helps you easily protect it from common vulnerabilities or advanced attacks.
Spent almost 12h figuring out why a htaccess / htpasswd wasn’t working…
[Mon Apr 04 14:45:45.605734 2016] [authn_file:error] [pid 21193] (13)Permission denied: [client 84.91.XXX.XXX:62465] AH01620: Could not open password file: /home/rocker/public_html/control/data/.htpassw
That was it! File permissions!
This worked for me.
$new_password = password_hash($old_password, PASSWORD_BCRYPT);
password_hash() creates a new password hash using a strong one-way hashing algorithm. password_hash() is compatible with crypt().
Therefore, password hashes created by crypt() can be used with password_hash().PASSWORD_BCRYPT – Use the CRYPT_BLOWFISH algorithm to create the hash.
This will produce a standard crypt() compatible hash using the “$2y$” identifier. The result will always be a 60 character string, or FALSE on failure. Supported Options:
http://php.net/manual/en/function.password-hash.php
Simple!
Username is stored in $_SERVER[‘PHP_AUTH_USER’]
and password in $_SERVER[‘PHP_AUTH_PW’]