httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [users@httpd] How do I protect a CGI directory?
Date Fri, 04 Jun 2004 17:44:36 GMT
I want my users to go to and click on links to get to programs in my CGI directory.
 Specifically, I want to keep them from using URLs like https:/  (My
only real concern is that the user be validated w/ a password before doing any of this.  I
actually wouldn't mind if users could type in the direct URL as long as httpd made them log

I thought I knew how to do this.  All of my CGI programs are in /usr/apache/cgi-bin and I'd
added this to my httpd.conf file:
 <Directory /usr/apache/cgi-bin>
   Require valid-user

and I _swear_ that worked for a while, but now it doens't.  I guess I wasn't testing it properly
because today with that directive in place, I can't get any CGIs, even after logging in. 
My error_log has things like:

  [Fri Jun  6 14:18:43 2004] [crit] [client] configuration error:  couldn't perform
authentication. AuthType not set!: /cgi-bin/xxx.cgi

So, how _do_ I make sure users are validated before running any CGIs?  TIA.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message