Re: CGI and Virtual Hosts

Fri, 03 Oct 2003 13:40:43 -0700 

> has documentation on it.  As far as I've experenced, you need 1 IP address
> per user, but I hear you can run any number of users off the same IP
> address.

We are running many sites w/ suexec on (1) IP number.



NameVirtualHost 129.63.24.92

<Macro Site  $directory $host>
<VirtualHost 129.63.24.92>
   ServerAdmin [EMAIL PROTECTED]
   ServerName $host
   ServerAlias www.$host
   DocumentRoot /home/sites/$directory/doc_root
   User $directory
   Group $directory

   ErrorLog /var/log/apache/sites/$directory/error.log
   CustomLog /var/log/apache/sites/$directory/referer.log referer
   CustomLog /var/log/apache/sites/$directory/combined.log combined

   Alias /reports /home/sites/$directory/reports

   ScriptAlias /cgi-bin /home/sites/$directory/cgi-bin
   <Directory  /home/sites/$directory/cgi-bin>
        AllowOverride None
        Options IncludesNOEXEC ExecCGI
   </Directory>

   ScriptAlias /kwiki /home/sites/$directory/kwiki
   <Directory  /home/sites/$directory/cgi-bin>
        DirectoryIndex index.html
        AllowOverride None
        Options IncludesNOEXEC ExecCGI
   </Directory>

</VirtualHost>

</Macro>





On Fri, 3 Oct 2003, Daxal Communications - Surf the USA wrote:

> Apache has increased CGI security by means of suexec.  The Apache website
> has documentation on it.  As far as I've experenced, you need 1 IP address
> per user, but I hear you can run any number of users off the same IP
> address.
>
> If you discover how to enable suexec to allow any number of users to use the
> same IP address, I'd be interested.  I am currently using mass virtual
> hosting with %0 as a virtualscriptalias and virtualdocumentroot delimiter.
> eg, /var/webhosting/%0/docroot/
>
> Cheers,
>
>
> Scott
>
> ----- Original Message -----
> From: "Antonin Karasek" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, October 03, 2003 1:38 PM
> Subject: CGI and Virtual Hosts
>
>
> > Hi,
> > I want to enable CGI on my web-hosting server, but I can't find out a good
> > security model (permitions of files). I don't want files to be readable
> for
> > others and don't want CGI to run apache's group. The main problem is, that
> > the files must belong to the same group as CGI is run.
> >
> > The best solution could be to chroot CGI scripts, but Apache can't do this
> > (I think).
> >
> > Could anybody send me some useful links?
> >
> > Many thanks
> >
> >
> > --
> > To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> > with a subject of "unsubscribe". Trouble? Contact
> [EMAIL PROTECTED]
> >
> >
>
>
>





-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to