http://qs321.pair.com?node_id=551020


in reply to is it ok to have a web app install alongside http accessible instead of cgi-bin?

These issues are covered in the main Apache docs. See security_tips.

Replies are listed 'Best First'.
Re^2: is it ok to have a web app install alongside http accessible instead of cgi-bin?
by leocharre (Priest) on May 22, 2006 at 20:36 UTC

    I am not ignorant of the apache documentation, I would honestly like some opinions about this. The docs don't realyl address my concerns here- and I would like the thoughts of real world developers/webmonkeys like myself.
    For example, if you are a sys admin or a web devel, and you had to install an app, would you expect it to go in sgi, what if it were to be in its own dir alongside http doc root? would it p155 u off? I don't know exactly. Please suggest.

      It is easier to monitor an app when it resides in its own directory; it is easier to insert simple handles, and it is easier to extract info from log files (and also easier to write such info in separate file with env=xxx conditions). As for security, it easier to check and monitor access permitions. (As per Apache security_tips docs, placing an app inside server configuration directories is the least desirable option.)