Securing CGI scripts

Fingo has asked for the wisdom of the Perl Monks concerning the following question:

I am working on a site based on the CGI.pm module which will allow a large amount of user interaction. What are some techniques for securing against hackers? Are there any good reasources on the web or in print that I should read?



Thanks,

	Max

2002-04-01 Edit by Corion : Tamed the runaway pre tag

Comment on Securing CGI scripts

Replies are listed 'Best First'.

Re: Securing CGI scripts
by rob_au (Abbot) on Apr 01, 2002 at 05:45 UTC

use CGI or die;,
CGI Security and the null byte problem,
Web Security for CGI programs,
Preventing DOS attacks with CGI.pm,
CGI::Safe to CPAN,
Security issues for CGI file upload,
Re: Security with open() in CGI scripts,
And the list goes on ...

Re: Securing CGI scripts
by grep (Monsignor) on Apr 01, 2002 at 05:33 UTC

Ovid's "Web Programming Using Perl" Course

BTW I must commend you highly on your endeavour. Just asking this question means you are on the right track!

Ovid's "Web Programming Using Perl" Course, the choice of the US Naval programmer :)

UPDATE: thx to Kanji for spotting my typo in the link

grep> cd /pub grep> more beer

(podmaster) Re: Securing CGI scripts
by PodMaster (Abbot) on Apr 01, 2002 at 06:50 UTC

My CGI script runs from the command line but not the browser. (500 Server Error)

Look ma', I'm on CPAN.

** The Third rule of perl club is a statement of fact: pod is sexy.

Re: Securing CGI scripts
by cjf (Parson) on Apr 01, 2002 at 10:22 UTC

The Essential CGI Security Practices thread gives a good overview of... Essential CGI Security Practices ;-). Make sure to read all the replies in the thread as well.

Re: Securing CGI scripts
by Sinister (Friar) on Apr 01, 2002 at 14:57 UTC

er formait hyarya

"Field experience is something you don't get until just after you need it."

Re: Securing CGI scripts
by brianarn (Chaplain) on Apr 01, 2002 at 19:26 UTC

CGI Programming with Perl, 2nd Ed

-T

~Brian

Back to Seekers of Perl Wisdom