Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options

Re: Is /cgi-bin safe?

by dragonchild (Archbishop)
on Apr 18, 2005 at 15:21 UTC ( [id://448918] : note . print w/replies, xml ) Need Help??

in reply to Is /cgi-bin safe?

Safer as opposed to what? The webserver has to be able to find your code in order to execute it. If you want people you don't trust to do something on your machine, you will probably want to validate and sanitize the requests they give you. There are hundreds of good articles on hardening Apache servers, MySQL databases, Oracle databases, etc etc etc.

re: "hidding-script-names technique": That's URL rewriting. Apache does this very easily with many modules - mod_rewrite being one of them. CGI::Application has CGI::Application::Dispatch which does something very similar. There is probably no real file with the name webscr or webscr.cgi or or whatever.