cgi-bin, bash scripts and security

Hi chaps,

I have a website which, when you fill in a form, fires a bash script located in the cgi-bin folder to do some stuff.

My question is, how can I lock the script down, so that it can't be run unless you're logged into the site?

script location: /var/www/cgi-bin/script
website: /var/www/website1/public_html/

Now, I'm thinking that since the cgi-bin folder is higher up in the folder structure than the site itself, am I right that you couldn't access it via a URL anyway?

I'm already doing a check for inappropriate input from the user BEFORE the script is fired in an effort to stop any bash/mysql injection, but I'd like to beef up my security, just in case.

Any thoughts?

thanks in advance
 
thanks for the reply.

I will look into adding the apache user into a new 'web' group, then only allow root and web to execute the file. That should help.

I'll then see if I can query mysql to see when the user who is running the script (username already being passed over) last logged on and if older than 20 minutes, log and fail to run.

I'll have to set all sessions to expire after 15 minutes, but that should cover it.

thanks.
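
The last-login check described in the post above, sketched as an added example that is not part of the original thread. The option file path, the database name `webdb`, the `users` table and its `username` / `last_login` columns are assumptions; the gate re-validates the username inside the script and fails closed when the lookup returns nothing usable.

```bash
#!/bin/bash
# Added example: a gate to call at the top of the CGI script, before any work.
LC_ALL=C; export LC_ALL        # make [A-Za-z] mean ASCII only
MAX_AGE=$((20 * 60))           # the 20-minute window from the post
LOOKUP=${LOOKUP:-last_login_epoch}

# Allowlist check. The name ends up inside a SQL string below, so nothing
# outside [A-Za-z0-9_] may pass, whatever the web form already filtered.
valid_username() {
    case $1 in
        '' | *[!A-Za-z0-9_]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Hypothetical lookup: option file path, database `webdb`, table `users` and
# columns `username` / `last_login` are assumptions, not from the post.
last_login_epoch() {
    mysql --defaults-extra-file=/etc/cgi-gate.cnf -N -B -e \
        "SELECT UNIX_TIMESTAMP(last_login) FROM users WHERE username='$1'" webdb
}

# $1 = last login (epoch seconds), $2 = current time (epoch seconds).
login_is_fresh() {
    case $1 in
        '' | 0* | *[!0-9]*) return 1 ;;   # empty, NULL, or not a plain number
    esac
    [ "${#1}" -le 12 ] || return 1         # keep shell arithmetic in range
    [ "$1" -le "$2" ] || return 1          # timestamp in the future: reject
    [ $(($2 - $1)) -le "$MAX_AGE" ]
}

# $1 = username, $2 = current time (defaults to now). Returns 0 to allow.
gate() {
    local user="$1" now="${2:-$(date +%s)}" login
    if ! valid_username "$user"; then
        echo "cgi-gate: rejected malformed username" >&2   # never echo raw input
        return 1
    fi
    login=$("$LOOKUP" "$user" 2>/dev/null) || login=
    if ! login_is_fresh "$login" "$now"; then
        echo "cgi-gate: denied $user, no login within ${MAX_AGE}s" >&2
        return 1
    fi
    return 0
}
```

Apache writes a CGI script's stderr to its error log, so the denial messages land there. A fresh `last_login` value shows only that the named account logged in recently, not that the current request belongs to that account's session.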
 