问题
I don't know why but when i type a wrong password it always take alot of time to come back with authentication dialog.
but when i type a correct password it always go fast.
htaccess:
AuthUserFile c:/senha1
AuthName "Bem vindo"
AuthType Basic
require valid-user
I created this 'senha1' file with htpasswd.
Thanks.
回答1:
That's a simple measure to slow down brute force attacks.
Correctly authenticated requests are handled instantly, while incorrect authentication attempts are delayed by a second or so -- this doesn't bother a regular user that just made a typo, but it sure does slow down attackers that want to rapidly try thousands of passwords.
来源:https://stackoverflow.com/questions/7522531/why-http-authentication-with-htaccess-get-slow-when-password-incorrect