I have made some webapps that I use internally. I use them so rarely (just a couple of page views per week each) that I thought it wasn't worth having a hypnotoad running for each and waste resources (RAM mainly), especially since the number of these webapps might increase a lot in the future, and I don't care about response time (2 seconds is fine) so I thought I'd set them up as CGI sites.
With some experimentation, I ended up with this Apache conf file the VirtualServer (for Apache v2.4). It routes arbitrary URLs to the right route handler. What do you think of it? Is it secure (suppose an evil user has access to it)? Can it be improved? Can it be simplified, maybe? Is this useful material for the mojo Wiki / POD? I'm interested in your opinions, because my experience with Apache is not that big. * DocumentRoot /opt/mysite/html ScriptAlias /cgi-bin/ /opt/mysite/cgi-bin/ <Directory "/opt/mysite/html"> RewriteEngine On RewriteBase / RewriteRule (.*) /cgi-bin/my_app.pl/$1 [L] Require all granted </Directory> # for the case when the user types manually /cgi-bin/local/bin/some-command.pl # i.e. the only CGI script that's allowed to run is my_app.pl <LocationMatch "^/cgi-bin/(?!my_app.pl/)"> Require all denied </LocationMatch> <Directory "/opt/mysite/cgi-bin"> Require all granted Options ExecCGI SetHandler cgi-script </Directory> * -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to mojolicious+unsubscr...@googlegroups.com. To post to this group, send email to mojolicious@googlegroups.com. Visit this group at https://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
