#! code

To redirect from HTTPS to HTTP on the home page only using the following rule.

RewriteCond %{HTTPS} on
RewriteRule ^/?$ http://%{SERVER_NAME}/ [R=301,L]

The variable %{HTTPS} will be either "on" or "off" and will be enabled even if SSL is not installed on your site. The rule above sees that HTTPS is on and redirects the home page to the HTTP version. You can even chain lots of rules together like this.

I have talked about generating random passwords before. Although that function generated some nice passwords, they perhaps aren't as unique as they ought to be.

This function, take from Webtoolkit creates passwords of different length with varying levels of complexity.

Using a simple .htpasswd to password protect a directory or website is fine if you only have a few users, and they don't change very much. However, this quickly becomes impossible to maintain if you have lots of users. For example, if you wanted to secure access to the company Intranet you might spend quite some time trying to update your .htpasswd file. The best way to do this is to transfer all of the user administration over to an LDAP server and then get Apache to communicate with this directly.