[thelist] locking cgi-bin
Dave Preston
caffiend at simianbrotherhood.org
Sun Dec 2 16:16:17 CST 2001
I'd suspect that it's because you're not serving /var/www/cgi-bin/ to
the outside. What's your ScriptAlias set to?
On Sun, Dec 02, 2001 at 11:02:58PM +0100, Richard Bennett wrote:
> Hi,
> I have a server running openBSD and Apache.
> I am using .htaccess for authentication which works fine, except that I
> don't seem to be able to lock the cgi-bin directory - so someone could
> access the Perl scripts directly, so bypassing the authentication.
>
> The directory structure is like this:
>
> var/www/cgi-bin/
>
> There's an .htacces file and a .htpasswd file in cgi-bin, they've been
> chmodded, and the path reads like this:
>
> AuthUserFile /var/www/cgi-bin/.htpasswd
>
> This approach works for all directories, except cgi-bin - does anyone know
> why?
>
> thanks,
> Richard.
>
>
>
>
> ---------------------------------------
> For unsubscribe and other options, including
> the Tip Harvester and archive of TheList go to:
> http://lists.evolt.org Workers of the Web, evolt !
>
More information about the thelist
mailing list