httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Christensen" <>
Subject [users@httpd] protecting non-script files in public_html/cgi-bin/ via .htaccess
Date Sat, 04 Oct 2003 06:10:23 GMT
hello, world!

I am doing some CGI development for a site on a shared hosting service
that puts the CGI directory under the virtual host's DocumentRoot (e.g.
~/public_html/cgi-bin/).  The server is configured such that requests to
"" result in
"non-script-file" being displayed in the  browser.  I would like to
prevent such.

So, I RTFM and came up with the following .htaccess file and placed it
in the CGI directory on my development server:

    dpchrist@d3020g:~/public_html/cgi-bin:CVS> ll .htaccess
    -rw-r--r--    1 dpchrist dpchrist       95 Oct  3 22:49 .htaccess

    dpchrist@d3020g:~/public_html/cgi-bin:CVS> cat .htaccess
    <Files "*.pl">
        Order allow,deny
        Allow from all
    Order deny,allow
    Deny from all

It seems to have the desired effect (Perl CGI scripts work, but user
gets "403 Forbidden" for all other files).

Is this a robust solution, or just newbie wishful thinking?



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message