[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] RE: CGI-BIN on XTR or RAQ 4
- Subject: [cobalt-users] RE: CGI-BIN on XTR or RAQ 4
- From: "Nicolae" <nicolaep@xxxxxxxxxxxxxxxxxx>
- Date: Mon Apr 1 14:40:47 2002
- Organization: EnigmaBiz.Com
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> Message: 8
> From: "Mark Middleton" <mark@xxxxxxxxxxxxxx>
> To: "Cobalt User Group" <cobalt-users@xxxxxxxxxxxxxxx>
> Date: Mon, 1 Apr 2002 06:50:30 -0800
> Subject: [cobalt-users] cgi-bin on an XTR
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> I've searched the archives, and understand that the RAQs
> allow you to run cgi scripts anywhere, and to just create a
> folder called "cgi-bin". However, now this folder is browse-able.
I found that out too. I had into the problem to where
I created a Virt. Site and didn't have the cgi-bin
enabled. Than I did enabled it but did not create
a cgi-bin. I than SSH in and created a CGI-BIN. Than the headaches
having to chmod, chown, etc than could't get in via admin
or ftp than only root, had to remove and wouldn't work.
I think I than just rmed all files than went to RAQ 4 GUI
and deleted the virtual site, than re-created it with
CGI-enabled.
> I can put a blank index.html file in that folder to keep from
> browsing it, or use an .htaccess file with "indexignor *" or
> "Options -Indexes"
Too much headaches, I tried that and I started getting server
errors, I guess my raq hates tweaking .htaccess too much.
I wanted to add custom 404 but it breaks or add a 'do not still'
my images type of policy.
I guess it would be out of the question to remove and re-create
the virtual site. For me it was a blank parked domain site.
> I've also read about making the permissions 444 for the
> cgi-bin directory - the problem with this one is that only
> root seems to be able to browse it after that (in SSH or telnet)
>
> I'm fairly new to the RAQ line, and am wondering what the
> best, most secure yet easy way to have a cgi-bin is.
It freaked me out too once, I noticed that my cgi-bin was exposed.
Lots have that and do not know about it till it's too late
or accidentaly find out.
But why is that that when you enable the CGI-BIN on the GUI
it does not create the cgi-bin and when you remove the check
mark on the GUI it does not remove the directory.
--
Nicolae