Contributed by Anonymous Monk on Jul 26, 2000 at 10:49 UTC
Q&A  > files


I am writing scripts that read text files in my cgi-bin directory. I use these text files as databases and I don't want anybody to look at the contents of these files.

Answer: How do I prevent from anybody looking at the contents of my text files ?
contributed by davorg

  1. Don't put data in the cgi-bin directory. Use another directory not accessible from the web for that.
  2. Set the file permissions on your data directory so that only your web server user can read and write files there.
  3. Create all the data files from within the cgi scripts with permissions of 600.
  4. The Apache webserver has an option to deny access to files matching wildcards (by default, access to all files starting with .ht is denied). You can use this feature to block access to your files (this feature is configured in the file httpd.conf).
Answer: How do I prevent anybody from looking at the contents of my text files ?
contributed by slurp

If you let webserver-user "own" your files, than every other CGI script can read your files. To make something about that, you may make your scripts setuid. And then create all files in some directory other than cgi-bin which is only readable/writable/executable by your userid.

Answer: How do I prevent anybody from looking at the contents of my text files ?
contributed by Anonymous Monk

Add the ".cgi" extension to your text files. If a visitor attempts to view it from a web broswer, they should get a 500.

Please (register and) log in if you wish to add an answer

  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.