[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] /cgi-bin/ only
> Hi,
> We have a requirement to ONLY allow execute permission in an alliased
> /cgi-bin what will be held either parallel or above /web (to prevent FTP
> access to it).
>
> I have been looking through the admin GUI source and the apache conf files
> but can't quite work out how its all being done. Its a lot different to the
> simple ScriptAlias that I'm used to.
>
> Could anybody give me a shove in the right direction (or even tell me how to
> do it).
>
> Thanks,
>
> Tony Kenny
Hi Tony,
The way I did it on my RAQ2 is to disable CGIWrap and then do a ScriptAlias
in the Virtual sites settings in httpd.conf. Here's the Cobalt knowledge
base article about disabling CGIWrap:
http://www.cobalt.com/support/kb/search.php3?ques=cgi&qid=696&language=1
Here's my httpd.conf file
----------------------------------------------
NameVirtualHost xxx.xxx.xxx.xxx
<VirtualHost xxx.xxx.xxx.xxx>
ServerName www.mysite.com
ServerAdmin site2
ServerAlias mysite.com
ScriptAlias /cgi-bin/ /home/sites/site2/cgi-bin/
DocumentRoot /home/sites/site2/web
RewriteEngine on
RewriteCond %{HTTP_HOST} !^xxx.xxx.xxx.xxx(:80)?$
RewriteCond %{HTTP_HOST} !^www.mysite.com(:80)?$
RewriteRule ^/(.*) http://www.mysite.com/$1 [L,R]
RewriteOptions inherit
AliasMatch ^/~([^/]+)(/(.*))? /home/sites/site2/users/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /home/sites/site2/users/$1/web/$3
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
</VirtualHost>
----------------------------------------------
I wasn't concerned about the security issues because we're using the RAQ to
host our own sites and nobody else's. Maybe one of the Gurus on the list has
a way of doing it without disabling CGIWrap?
hope this helps,
jay