On Wed, 10 Oct 2007, Nicholas Sanfratello wrote: > I am new to Apache HTTP server and had a question regarding user > privileges. Is there a way to prevent users from running applications > (ex: CGI, php, shtml, ...)? If so, how would I do this? I would like > to only allow users to post files, not run applications. For CGI, remove all ScriptAlias configuration directives and the .cgi handler. For PHP, disable the module (comment out the lines that load the module) and remove the .php handler. For server-side includes (.shtml) remove the ability to override Options and do "Options -Includes" in your configurations. -- Aj. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|