Even simpler, I think, is to alias everything to your one script, so you don't have to worry about what else might be in that directory.
ScriptAlias "/cgi-bin/" "/opt/mysite/cgi-bin/my_app.pl" https://httpd.apache.org/docs/2.4/mod/mod_alias.html#scriptalias talks about some strategies for this. -Dan On Mon, Nov 19, 2018 at 11:22 PM Alexander Karelas <alex.kare...@gmail.com> wrote: > I have made some webapps that I use internally. I use them so rarely (just > a couple of page views per week each) that I thought it wasn't worth having > a hypnotoad running for each and waste resources (RAM mainly), especially > since the number of these webapps might increase a lot in the future, and I > don't care about response time (2 seconds is fine) so I thought I'd set > them up as CGI sites. > > With some experimentation, I ended up with this Apache conf file the > VirtualServer (for Apache v2.4). It routes arbitrary URLs to the right > route handler. > > What do you think of it? Is it secure (suppose an evil user has access to > it)? Can it be improved? Can it be simplified, maybe? Is this useful > material for the mojo Wiki / POD? > > I'm interested in your opinions, because my experience with Apache is not > that big. > > > > > > > > > > > > > > > > > > > > > > > > * DocumentRoot /opt/mysite/html ScriptAlias /cgi-bin/ > /opt/mysite/cgi-bin/ <Directory "/opt/mysite/html"> RewriteEngine > On RewriteBase / RewriteRule (.*) /cgi-bin/my_app.pl/$1 > <http://my_app.pl/$1> [L] Require all granted </Directory> # for > the case when the user types manually /cgi-bin/local/bin/some-command.pl > <http://some-command.pl> # i.e. the only CGI script that's allowed to run > is my_app.pl <http://my_app.pl> <LocationMatch "^/cgi-bin/(?!my_app.pl/ > <http://my_app.pl/>)"> Require all denied </LocationMatch> > <Directory "/opt/mysite/cgi-bin"> Require all granted Options > ExecCGI SetHandler cgi-script </Directory> * > > -- > You received this message because you are subscribed to the Google Groups > "Mojolicious" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to mojolicious+unsubscr...@googlegroups.com. > To post to this group, send email to mojolicious@googlegroups.com. > Visit this group at https://groups.google.com/group/mojolicious. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to mojolicious+unsubscr...@googlegroups.com. To post to this group, send email to mojolicious@googlegroups.com. Visit this group at https://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.