Re: CGI and Virtual Hosts
> has documentation on it. As far as I've experenced, you need 1 IP address
> per user, but I hear you can run any number of users off the same IP
> address.
We are running many sites w/ suexec on (1) IP number.
NameVirtualHost 129.63.24.92
<Macro Site $directory $host>
<VirtualHost 129.63.24.92>
ServerAdmin webmaster@$host
ServerName $host
ServerAlias www.$host
DocumentRoot /home/sites/$directory/doc_root
User $directory
Group $directory
ErrorLog /var/log/apache/sites/$directory/error.log
CustomLog /var/log/apache/sites/$directory/referer.log referer
CustomLog /var/log/apache/sites/$directory/combined.log combined
Alias /reports /home/sites/$directory/reports
ScriptAlias /cgi-bin /home/sites/$directory/cgi-bin
<Directory /home/sites/$directory/cgi-bin>
AllowOverride None
Options IncludesNOEXEC ExecCGI
</Directory>
ScriptAlias /kwiki /home/sites/$directory/kwiki
<Directory /home/sites/$directory/cgi-bin>
DirectoryIndex index.html
AllowOverride None
Options IncludesNOEXEC ExecCGI
</Directory>
</VirtualHost>
</Macro>
On Fri, 3 Oct 2003, Daxal Communications - Surf the USA wrote:
> Apache has increased CGI security by means of suexec. The Apache website
> has documentation on it. As far as I've experenced, you need 1 IP address
> per user, but I hear you can run any number of users off the same IP
> address.
>
> If you discover how to enable suexec to allow any number of users to use the
> same IP address, I'd be interested. I am currently using mass virtual
> hosting with %0 as a virtualscriptalias and virtualdocumentroot delimiter.
> eg, /var/webhosting/%0/docroot/
>
> Cheers,
>
>
> Scott
>
> ----- Original Message -----
> From: "Antonin Karasek" <karasek@ceskyserver.cz>
> To: <debian-isp@lists.debian.org>
> Sent: Friday, October 03, 2003 1:38 PM
> Subject: CGI and Virtual Hosts
>
>
> > Hi,
> > I want to enable CGI on my web-hosting server, but I can't find out a good
> > security model (permitions of files). I don't want files to be readable
> for
> > others and don't want CGI to run apache's group. The main problem is, that
> > the files must belong to the same group as CGI is run.
> >
> > The best solution could be to chroot CGI scripts, but Apache can't do this
> > (I think).
> >
> > Could anybody send me some useful links?
> >
> > Many thanks
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> >
> >
>
>
>
Reply to: