Bravo! Mille Grazie!

  • James Joseph Finn

    (@jamesjosephfinn)


    3 weeks ago

    Ciao from an Italian-American. The plugin works flawlessly. Thank you for publishing it.

    One question: After configuring the plugin, I was expecting to find a .htpasswd file in the root directory; but apparently the plugin sets Basic Auth in a manner different than the one I’m familiar with. I’m no backend dev, but I always love to learn. I’m wondering how this works under the hood to implement Apache Basic Auth.

    Thank you again, paisano.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Matteo Enna

    (@matteoenna)

    3 weeks ago

    Ciao James,
    Thanks for the compliments, I’m glad the plugin is useful to you.

    Regarding your question, the plugin implements Basic Auth differently from the traditional method using a .htpasswd file. Instead of relying on Apache to handle the authentication, the plugin manages it directly within WordPress.

    Here’s how the 401 Unauthorized response is implemented in the plugin:

    1. Credential Verification: When a user tries to access a protected page, the plugin checks the credentials provided by the user against those stored in WordPress options. This is done in the basic_auth_root and basic_auth_admin functions.
    2. Sending a 401 Response: If the credentials are incorrect or not provided, the plugin sends a 401 Unauthorized response. This is handled by the do_exit function.

    In summary, instead of using a .htpasswd file to manage Basic Auth, the plugin checks credentials and sends 401 responses directly through PHP and WordPress functions.

    I hope this helps clarify how the plugin works under the hood!

    greetings from Italy 🙂

    Thread Starter James Joseph Finn

    (@jamesjosephfinn)

    2 weeks, 6 days ago

    Very clear, thank you. Consider me enlightened! Stata buon, fra.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this review.