[cgiwrap-users] Preventing direct access to CGIWRAP?
Brought to you by:
nneul
Menu
▾
▴
[cgiwrap-users] Preventing direct access to CGIWRAP?
|
From: <ce...@sm...> - 2001-11-26 06:02:22
|
Hi, I am using CGIWRAP seemlessly with the AddHandler / Action directives with apache. I just discovered that it was possible to execute a script that is located in a password protected directory using .htaccess file. When accessing http://www.website.com/protected/script.cgi, Apache won't allow unauthorized access because there is a .htaccess file with the right directives in the protected directory. When supplying the right password, apache will execute the script by calling CGIWRAP. This is all good. Although, you guessed it, if one calls http://www.website.com/cgibin/cgiwrap/username/protected/script.cgi, it is easy to breach in. I would like to prevent cgiwrap to be accessed directly, like in the second exemple. Is there a way to do this? Thank you for your help, Cédric |
