[CentOS] htaccess htpasswd and satellite connections

Jim Perrin jperrin at gmail.com
Tue Aug 8 14:41:50 UTC 2006


> Case 1
> A hosting client with satellite ISP can on our server POP for mail,
> Authenticate SMTP, and fully access their website. On the same server
> one day they can gain access to a protected directory via htaccess, the
> next day they can't.

A packet dump here may show you that things are being dropped or not
passing properly.

> Case 2
> Another hosting client can POP and Authenticate the same as above, but
> cannot gain access to said directory via htaccess while using their
> satellite connection, but can when using their dialup connection.

Same as above. Checking with the satellite provider might be an option.

> Case 3
> Hosting client could not gain access for a few days via their satellite
> connection, but then suddenly it started working and has worked for them
> from that point forward.

Did they bitch to their provider and get something changed?

> Multiple Cases.
> Clients not on satellite have reported 0 problems with connecting via
> htaccess to this system.

Expected behavior.

> So, something is going on with what satellite providers are doing. I
> understand that some non-standard methods for access have been created
> to speed up satellite handshakes. It seems to me that the defacto
> standard was 7 communications per file transferred. But since this would
> take about 7 seconds via satellite, I think they have somehow cut this
> number back. Oddly, I can't seem to find a thing about his issue when
> googling. But I do know that dnsreport.com does not work from at least
> one directway satellite connection, which happens to be the one that can
> always login via htaccess to our systems.


htaccess files slow down apache, and it's recommended by the apache
folks to avoid them whereever possible. However, you can leave the
authentication box up for as long as you wish by default. When you
submit the authentication, it passes to the server, which verifies it,
and sends back the correct information. For htaccess based auth, the
username/password is sent on EVERY page request. There is no session
information or anything else for generic basic htaccess auth. The only
explanation I know of for the behavior you're seeing would be dropped
packets.





-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell



More information about the CentOS mailing list