The office system needs to be deployed on the public network. Due to schedule and cost reasons, VPN is not available for the time being. I put an apache on the front end and then configured a basic verification. Can this method achieve theoretical security? What should I pay attention to? Woolen cloth
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Basic verification passwords are all in clear text, and the data transmitted after verification will not be encrypted in any way, so it is not safe no matter how you look at it.
If you want to save time, buy an SSL certificate, and then add Basic verification, which will be secure enough.
You can use your mobile phone as the authentication medium, which is much safer than simple basic and easy to use.