I am hosting a few sites for friends that need cgi access. I read something about cgi scripts shouldn't be in the web document root for security purposes--people being able to read them as text. I turned on cgi by adding the ExecCGI in <Directory /home/*/public_html> which if I understand is not secure?
What's the standard practice for doing this with users and virtual hosts?
Todd
Create a cgi-bin directory in parallel to your docs direcory and make that the directory that is able to exec cgi scripts.
<Directory /home/*/cgi-bin>
and then use ScriptAlias to make it available: ScriptAlias /cgi-bin/ /home/*/cgi-bin
That should get you on the right track.
rgds
Franki
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
