[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: .htaccess



On Sat, 9 Aug 1997, Michael wrote:

> 
> In directory /cgi-bin I have sub directory /cgi-bin/first and in this
> directory I have sub directory /cgi-bin/first/second.
> 
> 	In last directory I have program "aaa" that I run.
> 
> 	So, I want only some people can run this program.
> 
> 	How to do it??? I wrote article in Apache Journal, did as shown there. But
> with no success.

.htaccess works only for directories under DOCUMENT_ROOT, and it requires
either user/password authentication, or access is allowed only from
certain Internet addresses.

As a rule, cgi-bin directories are not protected. Any CGI program must
have permissions to be executed by a user your HTTP server runs under.

I believe the easiest way to allow execution of a CGI program only by some
people is to add this functionality to the program itself. This means that
first call to the program will produce a simple authentication screen, and
then will procede as usual. The program can check user IP as well, if
needed.

Adding such functionality is really a snap. Additionally, this makes your
program more portable, since you do not depend on the HTTP server and the
platform your program runs under.

Hope this helps,

Andy

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*               Andrey Tsouladze                *                   *
*          Webmaster/Systems Manager            *                   *
*                SPL WorldGroup                 * Cogito,           *
*              3b Yoni Netaniyahu               *                   *
*           Or-Yehuda 60200, Israel             *       ergo        *
*    E-mail: andy@spl.co.il                     *                   *
*    E-mail: tsoul@aluf.technion.ac.il          *            sum    *
*    http://www.spl.co.il/~andy                 *                   *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


References: