Script in DocumentRoot
The other method is to put scripts in among the HTML files. You should only do this if you trust the authors of the site to write safe scripts (or not write them at all) since security is much reduced. Generally speaking, it is safer to use a separate directory for scripts, as explained previously. First, it means that people writing HTML can’t accidentally or deliberately cause security breaches by including executable code in the web tree. Second, it makes life harder for the Bad Guys: often it is necessary to allow fairly wide access to the nonexecutable part of the tree, but more careful control can be exercised on the CGI directories.
We would not suggest you do this unless you absolutely have to. But regardless of these good intentions, we put mycgi.cgi in.../site.cgi/htdocs. The Config file, ... /site.cgi/conf/httpd2.conf, is now:
User webuser Group webgroup ServerName www.butterthlies.com DocumentRoot /usr/www/APACHE3/site.cgi/htdocs AddHandler cgi-script cgi Options ExecCGI
Use Addhandler
to set a handler type of
cgi-script
with the extension
.cgi. This means that any document Apache comes
across with the extension.cgi will be taken to be an
executable script.You put the CGI scripts,
called <name>.cgi in your document root. You also need to have
Options
ExecCGI
. To run this one, type the following:
./go 2
You would access this script by browsing to http://www.butterthlies.com/cgi-bin/mycgi.cgi.
To experiment, we have a simple test script, mycgi.cgi ...
Get Apache: The Definitive Guide, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.