Manually Configuring cgi-bin Directories for Virtual Subhosts
Many of your potential Virtual Subhosting clientele will want cgi-bin access....
this can easily be configured for a Virtual Subhost using the ScriptAlias
directive in the ~/www/conf/httpd.conf file on your Virtual Server
(or the ~/www/conf/srm.conf file, if you Virtual Server was configured
before Dec. 8, 1998). For example, the WhiteMountainGuides.com site has
its own cgi-bin. This can easily be added to the Virtual Subhost definition
by simply using the "ScriptAlias" directive as
show below:
<VirtualHost whitemountainguides.com www.whitemountainguides.com>
ServerName whitemountainguides.com
ServerAdmin webmaster@whitemountainguides.com
DocumentRoot /usr/local/etc/httpd/vhosts/wmg
ScriptAlias /cgi-bin/ /usr/local/etc/httpd/vhosts/wmg/cgi-bin/
</VirtualHost>
You will need to create the cgi-bin directory that you define using
the ScriptAlias directive. You can create the directory by connecting
to your Virtual Server and issuing the command:
mkdir ~/usr/local/etc/httpd/vhosts/wmg/cgi-bin
NOTE: It is important to understand that giving cgi-bin access to your Virtual
Subhosted clients is a potential security risk. This is because the CGIs your customers upload and execute have all
of the rights and privileges of the CGIs you execute. Therefore, it is possible for a Virtual Subhosted client, which
has been granted CGI privileges, to read or remove any file in your directory heirarchy. Moreover, it is possible for
a malicious subhosted client to crack weak passwords and gain shell access to your Virtual Server. See our document,
Virtual Subhosting security issues for more
information.
|
|
