HTTP Authentication. HTTP supports the use of several authentication mechanisms to control access to pages and other resources. These mechanisms are all based around the use of the 401 status code and the WWW-Authenticate response header. The client sends the user name and password as unencrypted base64 encoded text.

HTTP is able to use several authentication mechanisms to control access to specific websites and applications. Some of these methods use the 401 status code and the www authenticate response header.

Enter username and password

The most commonly used HTTP authentication methods are:

Basic:

The username and password are sent as an unencrypted base64 encoded text. You should always use HTTPS, as the password is not encrypted and can easily be captured and reused if you use HTTP and not HTTPS.

Digest:

The credentials are passed to the server in hashed form. Although the credentials cannot be captured over HTTP, the request can be replayed using the hashed credentials.

NTLM:

This method uses a secure challenge/response mechanism that does not allow password capture or replay attacks if you use HTTP. It only work with HTTP/1.1 persistent connections. You cannot always use it with all HTTP proxies. Also you should not use this method if the connections are regularly closed by your web server.

In the context of an HTTP request, HTTP access authentication is a method for an HTTP user agent to provide a user name and password when making a request. It is a technique for enforcing access controls to web resources because it doesn’t require cookies, session identifier and login pages. No handshakes should be performed in predication.

The use of HTTP Authentication with cPanel/WHM is disabled, therefore the option was removed from the Tweak Settings. It was disabled in cPanel/WHM 11.42 version.

Even though it has been disabled from cPanel/WHM, you can enable/disable HTTP Authentication by modifying /var/cpanel/cpanel.config. Add the line below

skiphttpauth=1

Setting it to 1 means it has been disabled. Set it to 0 if you wish to enable HTTP Authentication & the pop-up will occur. Restart cPanel once you save this file.