Re: password-protected cgi-bin directory?
On Mon, September 22, 2008 10:06, Andreas Tille wrote:
> I wonder what might be the apropriate implementation in Debian because
> I do not know that there is anything like a "password-protected cgi-bin
> directory". Has anybody solved a similar problem or is there some advise
> to do this reasonably?
The cgi-bin directory on Debian is /usr/lib/cgi-bin, so you'd probably
place it somewhere under there. You can then use an Apache configuration
file snippet with a <Directory> or <File> or <Location> block to limit
access. What I usually see happening is that access is limited to
localhost only and possibly combined with http basic authentication of
which the password is asked from the user upon installation. One such
example is the setup script in the phpmyadmin package.
An Apache snippet doesn't work with any webserver of course, so that is a
drawback, but if the script doesn't have built-in authorisation features I
don't know of a universal way to limit access to it.