Cgi-bin directory security

Jonas Everraert

• February 26, 2022 04:43

Hello I was wondering how secure the cgi-bin directory is. I need to read a Google spreadsheet and display some of its contents on a webpage. This means I need to have login credentials in a script inside of the cgi-bin directory. Since this is in the public_html/cgi-bin directory, does this mean that these login credentials would be accessible to the outside world, or is it not possible for others to see the contents of these scripts? Thank you in advance for your answer, Jonas

• 

  cPRex Jurassic Moderator

  • February 28, 2022 13:48

  Hey there! I'm not sure this would be any different than a WordPress site. By default, all WordPress credentials for the database are contained in /home/username/public_html/wp-config.php, although that file has 644 permissions. You could restrict access to that file through .htaccess or additional password protection. You could also look into creating includes in your code itself that reference a file in /home/username for the credentials so it isn't accessible to the world.

  0
• 

  Jonas Everraert

  • March 01, 2022 09:38

  Thank you for the tips. I think your second recommendation is the easiest to do, so I will do that.

  0
• 

  cPRex Jurassic Moderator

  • March 01, 2022 13:33

  You're very welcome!

  0

Please sign in to leave a comment.