Re: Making a CGI script password protected..

in reply to Making a CGI script password protected..

use your web server's access/authentication mechanism. for apache, create a .htpasswd file in the directory where the cgi scripts live. iis has same kind of control through the administrative interface. it's not a good idea to put your only security measure inside the cgi, as the permissions on the cgi are typically fairly lax, to allow everyone access to it through the web server.

the hardest line to type correctly is: stty erase ^H

Comment on Re: Making a CGI script password protected..

Replies are listed 'Best First'.
Re^2: Making a CGI script password protected.. by hostyle (Scribe) on Dec 17, 2004 at 14:16 UTC
.htpasswd doesn't protect your script any better from prying eyes or local users than properly implemented encryption (whether using md5, crypt() or whatever) inside your CGI. Both are equally valid methods if done correctly. .htpasswd is often easier to use, but its harder to log a user out if you choose this route	[reply]

In Section Seekers of Perl Wisdom