Hi Andreas, On Mon, September 22, 2008 10:06, Andreas Tille wrote: > I wonder what might be the apropriate implementation in Debian because > I do not know that there is anything like a "password-protected cgi-bin > directory". Has anybody solved a similar problem or is there some advise > to do this reasonably?
The cgi-bin directory on Debian is /usr/lib/cgi-bin, so you'd probably place it somewhere under there. You can then use an Apache configuration file snippet with a <Directory> or <File> or <Location> block to limit access. What I usually see happening is that access is limited to localhost only and possibly combined with http basic authentication of which the password is asked from the user upon installation. One such example is the setup script in the phpmyadmin package. An Apache snippet doesn't work with any webserver of course, so that is a drawback, but if the script doesn't have built-in authorisation features I don't know of a universal way to limit access to it. cheers, Thijs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
