On Tue, Aug 14, 2018 at 9:33 PM Jason Pitt <jnp...@uw.edu> wrote: > > Hello- > > I'm having an issue with trying to configure apache that I'm hoping someone > can help me address. I have several scripts located in the cgi-bin that I > want to control access to. I'm able to either put an .htaccess file in the > cgi-bin or modify the apache2.conf file to prompt for a username and password > when the url to the cgi script is entered into a browser, however...the > script executes and sends content to the browser window before the user > enters anything into the authorization dialog...furthermore the user can just > cancel the authorization dialog and can then interact with the cgi generated > content...the only thing getting blocked by apache is access to actual files > on the webserver. How do I prevent this behavior? > It sounds like you may not be protecting the right URL/files/directories. What's the relevant config and URL being accessed? What does the access log say?
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org