htaccess login attempts

Giganews Newsgroups
Subject: htaccess login attempts
Posted by:  Bat 'n' Ball (batnball543633…@gmail.com)
Date: Sun, 13 Mar 2011

Hello,

I have password protected one of my pages using htaccess.

I noticed that in Internet Explorer (various versions), you get 3
chances at logging in before you get redirected to the 401 page. You
then have to refresh the page before you can try again.

In Firefox (3.6.15), I note that login attempts seems to be limitless
and you only see the 401 page if you cancel.

Although the page I am protecting isn't particularly high sensitivity,
from a security point of view, I think unlimited login attempts isn't
very good and could unnecessarily add multiple lines to the error log.

Is there a way to limit login attempts, preferably by a time limit?

Best regards,

Paul.

Apache/2.2.17 (Win32) PHP/5.3.4

Replies