In what scenarios would using a .htpasswd file enhance the security of PHP scripts in a local Intranet setup?

Using a .htpasswd file can enhance the security of PHP scripts in a local Intranet setup by restricting access to certain directories or files based on user authentication. This can prevent unauthorized users from accessing sensitive information or performing malicious actions on the server.

&lt;?php
// Check if user is authenticated
if (!isset($_SERVER[&#039;PHP_AUTH_USER&#039;])) {
    header(&#039;WWW-Authenticate: Basic realm=&quot;Restricted Area&quot;&#039;);
    header(&#039;HTTP/1.0 401 Unauthorized&#039;);
    echo &#039;Access Denied&#039;;
    exit;
} else {
    // Validate username and password from .htpasswd file
    $htpasswd_file = &#039;.htpasswd&#039;;
    $htpasswd_data = file_get_contents($htpasswd_file);
    $htpasswd_lines = explode(&quot;\n&quot;, $htpasswd_data);
    $authenticated = false;

    foreach ($htpasswd_lines as $line) {
        list($username, $password) = explode(&#039;:&#039;, $line);
        if ($_SERVER[&#039;PHP_AUTH_USER&#039;] == $username &amp;&amp; password_verify($_SERVER[&#039;PHP_AUTH_PW&#039;], trim($password))) {
            $authenticated = true;
            break;
        }
    }

    if (!$authenticated) {
        header(&#039;WWW-Authenticate: Basic realm=&quot;Restricted Area&quot;&#039;);
        header(&#039;HTTP/1.0 401 Unauthorized&#039;);
        echo &#039;Access Denied&#039;;
        exit;
    }
}
?&gt;

Keywords

.htpasswd security PHP scripts local Intranet scenarios

In what scenarios would using a .htpasswd file enhance the security of PHP scripts in a local Intranet setup?

Keywords

Related Questions