httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugene Lee <list-apa...@fsck.net>
Subject Re: [users@httpd] How do I protect a CGI directory?
Date Fri, 04 Jun 2004 17:54:26 GMT
On Fri, Jun 04, 2004 at 01:44:36PM -0400, cnelson@nycap.rr.com wrote:
: 
: I want my users to go to https://1.2.3.4 and click on links to get to
: programs in my CGI directory.  Specifically, I want to keep them from
: using URLs like https:/1.2.3.4/cgi-bin/xxx.cgi.
[...]
: I thought I knew how to do this.  All of my CGI programs are in
: /usr/apache/cgi-bin and I'd added this to my httpd.conf file:
:  
:  <Directory /usr/apache/cgi-bin>
:    Require valid-user
:  </Directory>
: 
: I can't get any CGIs, even after logging in.  My error_log has things
: like:
: 
:   [Fri Jun  6 14:18:43 2004] [crit] [client 10.93.0.1] configuration error:  couldn't perform
authentication. AuthType not set!: /cgi-bin/xxx.cgi
: 
: So, how _do_ I make sure users are validated before running any CGIs?  TIA.

Well, the message in error_log is actually quite self-explanatory:
you need to specify an AuthType.  Like so:

	<Directory /usr/apache/cgi-bin>
		AuthType Basic
		AuthName "Restricted CGI"
		AuthUserFile /usr/apache/passwd
		Require valid-user
	</Directory>

For more info:

	http://httpd.apache.org/docs-2.0/howto/auth.html


-- 
Eugene Lee

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message