[thelist] locking cgi-bin
Richard Bennett
mail at richardinfo.com
Sun Dec 2 16:04:28 CST 2001
Hi,
I have a server running openBSD and Apache.
I am using .htaccess for authentication which works fine, except that I
don't seem to be able to lock the cgi-bin directory - so someone could
access the Perl scripts directly, so bypassing the authentication.
The directory structure is like this:
var/www/cgi-bin/
There's an .htacces file and a .htpasswd file in cgi-bin, they've been
chmodded, and the path reads like this:
AuthUserFile /var/www/cgi-bin/.htpasswd
This approach works for all directories, except cgi-bin - does anyone know
why?
thanks,
Richard.
More information about the thelist
mailing list