Operating System & Version
Linux 3.10.0-1160.21.1.el7.x86_64
cPanel & WHM Version
100.0 (build 10)
Dec 5, 2021
6
2
3
Belgium
cPanel Access Level
Website Owner
Hello

I was wondering how secure the cgi-bin directory is. I need to read a Google spreadsheet and display some of its contents on a webpage. This means I need to have login credentials in a script inside of the cgi-bin directory. Since this is in the public_html/cgi-bin directory, does this mean that these login credentials would be accessible to the outside world, or is it not possible for others to see the contents of these scripts?

Thank you in advance for your answer,
Jonas
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,628
363
cPanel Access Level
Root Administrator
Hey there! I'm not sure this would be any different than a WordPress site. By default, all WordPress credentials for the database are contained in /home/username/public_html/wp-config.php, although that file has 644 permissions. You could restrict access to that file through .htaccess or additional password protection.

You could also look into creating includes in your code itself that reference a file in /home/username for the credentials so it isn't accessible to the world.