Protecting smartadmin.cgi without .htaccessgreenspun.com : LUSENET : S-Mart Shopping Cart : One Thread
I'd like to know how to password protect the smartadmin.cgi script without using .htaccess. .htaccess can be bypassed with things like cgiwrap, so I was wondering if there's another way to protect it?
-- Peter Johannson (firstname.lastname@example.org), June 28, 1998
.htaccess should be used for security. Anything script based is most likely weak, and hackable. You're right that cgiwrap is a security issue, and you shouldn't be using it in the first place probably, suexec is much more efficient.
-- Barry Robison (email@example.com), June 28, 1998.
Can you tell me at leat how I could protect it without .htaccess? I want to use cgiwrap so I can protect the track.db file.
-- Peter Johannson (firstname.lastname@example.org), June 29, 1998.