Cgi-bin directory security

Operating System & Version
Linux 3.10.0-1160.21.1.el7.x86_64
cPanel & WHM Version
100.0 (build 10)
J

Jonas Everraert

Member
Dec 5, 2021
6
2
3
Belgium
cPanel Access Level
Website Owner
Hello

I was wondering how secure the cgi-bin directory is. I need to read a Google spreadsheet and display some of its contents on a webpage. This means I need to have login credentials in a script inside of the cgi-bin directory. Since this is in the public_html/cgi-bin directory, does this mean that these login credentials would be accessible to the outside world, or is it not possible for others to see the contents of these scripts?

Thank you in advance for your answer,
Jonas
 
cPRex

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,628
363
cPanel Access Level
Root Administrator
Hey there! I'm not sure this would be any different than a WordPress site. By default, all WordPress credentials for the database are contained in /home/username/public_html/wp-config.php, although that file has 644 permissions. You could restrict access to that file through .htaccess or additional password protection.

You could also look into creating includes in your code itself that reference a file in /home/username for the credentials so it isn't accessible to the world.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
S Why is cgi-bin in the apache root directory? Security 4
O Server-wide cert not working for cgi-bin Security 5
M does cpanel require a cgi-bin folder access? Security 2
sehh modsec rule for POST /cgi-bin/php Security 6
O cgi-bin in public_html folder Security 11
Similar threads
Why is cgi-bin in the apache root directory?
Server-wide cert not working for cgi-bin
does cpanel require a cgi-bin folder access?
modsec rule for POST /cgi-bin/php
cgi-bin in public_html folder
Top Bottom