I am running XP with latest Apache and PHP 5. First I am a bit confused - I see at DDG various tutorials on sessions and cookies for PHP; but it appears the Apache server is handling the security now. Essentially I can connect to the server and view anything without any security required. I am running an app that writes to a MySql database. Whenever I try to update something the browser login/password comes up and I need to fill it in - keeps me in for the session. I was playing with FORMS TO GO - to create a simple page to write info into a text box and then it writes out to a text file - the same security came up. 1) I am reading info about .htaccess - no idea if that is the direction, but based on the tasks above - can I keep the security for the MySql APP - but when it comes to the simple page (info from text box to a textfile) can I have it so NO security is asked when I submit the info? 2) If I want to sign in and keep myself logged in forever (say from my cell phone; or home) - would this be considered a COOKIE related task? Would I be shifting my focus from Apache to PHP? Or is there something in Apache that would handle this? In the end I want to be logged into my server to VIEW/UPDATE - but once signed in, kept signed in. Today I always need to sign in when I update and anyone could view my stuff since there is no security on the view side. (The authorization box suggests "DAV" - webdav - but not sure if that merely is being read by the router) thanks belly