Apache CGI Notes

Apache CGI and .htaccess Notes

See my example apache setup if you don't already have a basic apache setup.

Edit /etc/httpd/conf/sites/www.sysxperts.com.conf #obviously you would name it with your own info but for sake of continuity I am using my own stuff 
    ScriptAlias /cgi-bin/    /www/www.sysxperts.com/cgi-bin/

Create a shell script for testing called myshell.sh in the directory /www/www.sysxperts.com/cgi-bin/ #if your using selinux I sure hope you fixed stuff with chcon 
    chcon -t httpd_sys_content_t /path/that/is/broke/

put the following into myshell.sh:

Content-Type: text/html
My Name is: $(id -u)
My ID is: $(id -u)
My Shell is: $(set)
My environment is: $(env)
Then change permissions to rwx,rx,rx or 755 using chmod

Now go to http://www.sysxperts.com/cgi-bin/myshell.sh and hopefully she works, if not look at your /var/log/httpd/ logs

Ok, now let's add some security to my doc root with .htaccess by creating a .htaccess file in /www/www.sysxperts.com/ and add:
AuthName "my crap"
AuthType Basic #only a moron like me would expose this level of auth to an internet facing server without ssl
AuthUserFile /etc/httpd/conf/.htpasswd-sysxperts
require  valid-user
Then create password file in /etc/httpd/conf/
    htpasswd -mc .htpasswd-sysxperts pvalentino
    chgrp apache .htpasswd-sysxperts  (substitute apache for whatever group you have setup in httpd.conf - I have pvalentino in my example)
    chmod 640 .htpasswd-sysxperts
    service httpd reload

Then update your virtual host <Directory> block by adding:
    AllowOverride AuthConfig
    service httpd reload

Now you should get a logon page and all is good, of course if it is not you want to go to /var/log/httpd and review logs if it is not OK.  man pages and google are your friends.

No comments: