Cached passwords - Post ID 198782

User 12253 Photo


Registered User
6 posts

Is there a way or script that can be loaded to the httacces file that will not allow the password to be kept in cache? So that as soon as they leave the web site they would need to re log in to the web site?
User 184085 Photo


Ambassador
1,707 posts

I'll have to dig around a little but my first take on this is no, since that cache is kept on the users computer they have control over it, plus there are browser add ons to help. I'm thinking that by setting an expiry on the page might force the browser not to look in the cache, but I'm doubtful since you are pass-wording off a section of the site and the login dialog is internal to the browser.

I'm doubtful, but will look around.
Volunteering to help :)
http://www.tbaygeek.ca
My HTML play area
http://www.tbaygeek.ca/test/
User 184085 Photo


Ambassador
1,707 posts

The idea that I have is put this in the header of your pages

<meta http-equiv="Cache-Control" content="no-cache" />


but I don't know if it will work as you wish.
Volunteering to help :)
http://www.tbaygeek.ca
My HTML play area
http://www.tbaygeek.ca/test/
User 403910 Photo


Registered User
69 posts

Hi, I have this same issue ... Once I log in once, I don't have to log in again. I would like to make it so that the user HAS to put in the username & password EVERY time...

I tried the meta cache control, and it still let me in.

Any other ideas, tips, tricks??

Thanks!!
User 2073552 Photo


Registered User
1,625 posts

You could set the expires in the .htaccess file.
"An Apple doth not fall far from its tree, yet an orange does."

https://lbwebsitedesign.com - Responsive Web Design & Web Hosting Services.
http://helpsite.sirage.com - HTML5, CSS3 and CC Help Video Blog.
User 403910 Photo


Registered User
69 posts

Hi SirAGE ... I have been trying to do that for the last 45 minutes. I followed an online tutorial, but am just not getting it ... any further help or direction greatly appreciated ... thanks!!
User 403910 Photo


Registered User
69 posts

tried this:
# NEVER CACHE
<filesMatch "\.(html|htm|php|cgi|pl)$">
Header set Cache-Control "max-age=0, private, no-store, no-cache, must-revalidate"
</filesMatch>

and this:
<filesMatch "\.(html|htm|js|css)$">
FileETag None
<ifModule mod_headers.c>
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</ifModule>
</filesMatch>

-- added to the top of the file before the

#### CC BEGIN WEBSITE ACCESS MANAGER ####

AuthUserFile /uuuu/sssssss/00/xxxxxxx/html/.htpasswd (file changed to protect the innocent)
AuthName "Please Contact for Access"
AuthType Basic

# Access Restriction:
Require user GaleS
order deny,allow

#### CC END WEBSITE ACCESS MANAGER ####
User 403910 Photo


Registered User
69 posts

I also just tried this:

<IfModule mod_expires.c>
# Activate mod_expires for this directory
ExpiresActive on

# cache HTML files for 24 hours
ExpiresByType text/html "access plus 2 seconds"
</IfModule>

---
NOTES: I am on GoDaddy Linux hosting - I SWITCHED so that I could use WAM ....
At this point, I am tearing my hair out. It is seeming like WAM is not uploading files (as in, once I make manual changes to the .htaccess file, and they don't work, I go back into WAM to re-upload the files, and when I view them, they are still the file that I made manual changes on)

I have deleted all the .htaccess and .htpassword files from the server and my local drive. Exited from WAM, re-opened and re-uploaded.

Deleted my cache several times.

I have searched Google and GoDaddy support; I don't know where to go or what to try next.

I hope this information helps; I just don't know what else to try and am at wit's end (well, it was a short trip...)

I need to have the page, when trying to open, ALWAYS ask for a username & password. It works once (asks for UN & PW) but then when navigating away and coming back, it just lets me in w/no UN or PW.
User 1999271 Photo


Registered User
5 posts

Anyone have a work around for this? I have a site where people log into the site from public use computers so I have to be able to reset the cached password.
User 187934 Photo


Senior Advisor
20,181 posts
Online Now

It's not possible at least in every browser and not very full proof.
Here's a few thing to try.
http://stackoverflow.com/questions/4497 … ut-via-php
I can't hear what I'm looking at.
It's easy to overlook something you're not looking for.

This is a site I built for my work.(RSD)
http://esmansgreenhouse.com
This is a site I built for use in my job.(HTML Editor)
https://pestlogbook.com
This is my personal site used for testing and as an easy way to share photos.(RLM imported to RSD)
https://ericrohloff.com

Have something to add? We’d love to hear it!
You must have an account to participate. Please Sign In Here, then join the conversation.