Re^2: newb: Best way to protect CGI from non-form invocation?

Given that I'm using a website host that would seem to be quite flexible in what options I can have...to the point where they are WAY beyond my skills...back to one original point: Is there something that can be set EXTERNAL to my CGI that would prevent its execution when a POST buffer greater than 3K is passed to it? So that my CGI would never have to deal with data and also prevent DOS(?) attacks?

Comment on Re^2: newb: Best way to protect CGI from non-form invocation?

Replies are listed 'Best First'.
Re^3: newb: Best way to protect CGI from non-form invocation? by Spidy (Chaplain) on Feb 05, 2007 at 23:44 UTC
You should probably take a look at this. It has a lot of helpful tips, along with answering your question in the first entry. My Website Get Eated!	[reply]
Re^4: newb: Best way to protect CGI from non-form invocation? by JCHallgren (Sexton) on Feb 06, 2007 at 00:55 UTC
It was AFTER reading that section/page that I came up with my question! So it did NOT answer it, but helped cause question...as I'm not using CGI:pm, for various reasons (which experts here will likely disagree with) that I could not see how it would handle my data in the way that I needed to...so need some info on what methods might work when not using the standard rountines, ok?	[reply]
Re^5: newb: Best way to protect CGI from non-form invocation? by Fletch (Bishop) on Feb 06, 2007 at 04:56 UTC
CGI implements a `$CGI::POST_MAX` variable which sets an upper limit on the request size it'll handle. Look at that code and reimplement or copy it into yours. What it sounds more like you're in search of is being able to configure your web server to disallow requests over a certain size, but if it can be or how that is done is going to vary from httpd to httpd (for example, see LimitRequestBody for older Apachen).	[reply] [d/l]
Re^6: newb: Best way to protect CGI from non-form invocation? by JCHallgren (Sexton) on Feb 07, 2007 at 16:25 UTC