|Come for the quick hacks, stay for the epiphanies.
Safer as opposed to what? The webserver has to be able to find your code in order to execute it. If you want people you don't trust to do something on your machine, you will probably want to validate and sanitize the requests they give you. There are hundreds of good articles on hardening Apache servers, MySQL databases, Oracle databases, etc etc etc.
re: "hidding-script-names technique": That's URL rewriting. Apache does this very easily with many modules - mod_rewrite being one of them. CGI::Application has CGI::Application::Dispatch which does something very similar. There is probably no real file with the name webscr or webscr.cgi or webscr.pl or whatever.