I've got an apache2 server running a HTTPS only site that is working fine and now I want to add a user name/password to it to secure the entire website. This way, only the home page with the login prompt will be visible to any user not logged in. What's the best way of doing this? I'm not new to apache2 but I'm pretty new to PHP and that seems to be what keeps turning up when I look for this. Could anyone provide a really good step-by-step through how I'd want to set this up (PHP or not)? I don't want to use .htaccess as they don't seem secure enough from my reading and they do not allow user accounts (plus I know how to do that and want to learn something new).
Some notes:
- I'll be creating and handling all logins/passwords
- I don't have PHP installed
- Must be secured (SSL/TLS) for both the login form, page, and transmission
Thanks for any advice/help!
Bookmarks