On Fri, 6 May 2005, Eric S. Johansson wrote:
> very error prone, easily a security risk, often gives counterintuitive
> results and the error reporting in the log usually doesn't help (client
> denied by server configuration)
Yes, means your server config has overrides switched off. This is the
normal - the default config is very strict. You have to selectively enable
overrides for htaccess to work, for example, to allow CGI scripts in
/home/*/cgi-bin/:
# Allow CGI scripts
<Directory /home/*/cgi-bin>
AllowOverride FileInfo AuthConfig Limit
Options MultiViews ExecCGI -Indexes SymLinksIfOwnerMatch
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
</Directory>
You have to switch on overrides in a similar fashion.
> since I know you really want to be helpful, I'm trying to figure out how
> to hide CGI programs from the URL. I.e. instead of
> http://www.demo.org/mumble.cgi, I want http://www.demo.org/ to execute
> the same CGI program. I'm currently using the error handler to catch
> the 404 and run the program. It's a bloody hack but a cool one.
You can also designate a specific folder for CGI's so you dont need the
.cgi extension (you would have to comment out the cgi-handler in the
config).
> to further wrap your head around the brick of this problem
> http://demo.org/xyzzy/plugh would invoke the same CGI as
> http://demo.org/ but would pass /xyzzy/plugh to the CGI probably as a
> referrer_URL environment variable.
>
> clear as mud? yes, I have tried index.cgi and I have not been able to
> make it work.
You could try making index.cgi one of the index types Apache will look
for, i.e.
<IfModule mod_dir.c>
DirectoryIndex index.html index.php index.php3 index.shtml index.cgi
index.pl index.htm Default.htm default.htm
</IfModule>
That should be in /etc/apache/conf/commonapache.conf
--
Aj.
--
gentoo-user@gentoo.org mailing list
