'Re: How to I secure /cgi-bin?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-modperl
Subject:    Re: How to I secure /cgi-bin?
From:       "Tim Tompkins" <timt () arttoday ! com>
Date:       2001-06-28 5:39:06
[Download RAW message or body]

Use Location for paths respective to the server root.

<Location /cgi-bin>
   ...
</Location>


----- Original Message -----
From: "Ron Savage" <ron@savage.net.au>
To: "mod_perl" <modperl@apache.org>
Sent: Wednesday, June 27, 2001 9:23 PM
Subject: Q: How to I secure /cgi-bin?


> Test env:
> Apache/1.3.20 (Win32) mod_perl/1.25_01-dev mod_ssl/2.8.4 OpenSSL/0.9.6a
>
> I just tried this to stop myself running any scripts from /cgi-bin, but it
does not stop me. Yeah, yeah, I restart the server after
> every patch to httpd.conf.
>
> <Directory /cgi-bin>
>     Options Indexes FollowSymLinks MultiViews
>     Order allow,deny
>  Deny from all
>     Allow from 127.0.0.1
> </Directory>
>
> My aim of course is to use
>     Order deny,allow
> to stop all others!
>
> I tried
> <Directory "/cgi-bin">
> and
>     Allow from 128.0.0.1
> just to see what would happen, but that did not stop me either.
>
> Cheers
> Ron  Savage
> ron@savage.net.au
> http://savage.net.au/index.html
>
>

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic