|
What is CGI?
CGI, Common Gateway Interface, includes programs that run
on the server to enhance the quality and functionality of
a web site. There are many resources on-line that allow the
downloading of free cgi scripts.
Do you allow CGI to run on your servers?
We do allow running of cgi scripts on the servers, however
they must conform to our acceptable server resource usage
policy. If we deem that a script is using an excessive amount
of server resources, it will be disabled.
Setting directories within your cgi scripts.
When you configure a cgi script for "any" server,
it may ask you to set variables such as the base, relative,
and CGI directory/url settings. Here's an "example"
using Matt Wright's wwwboard.pl script. Obviously, each script
may vary, but this should provide you with some basic idea:
$basedir = "/home/yourlogin/public_html/wwwboard";
$baseurl = "http://www.yoursite.com/wwwboard";
$cgi_url = "http://www.yoursite.com/cgi-bin/wwwboard.pl";
Most scripts come with documentation on how to set these directories.
Please make sure you read and understand it before configuring
the script. New to cgi? Here is a page with questions and
answers to numerous questions evolving around the inns and
outs of using cgi within your scripts: http://www.w3.org/Security/Faq/
www-security-faq.html
Another excellent site, which provides step by step chapters
is: http://www.cgi101.com/class/
What is the exact physical path to your
root directory on the webserver?
The path to your root directory is: /home/yourlogin/
Obviously, substitute "yourlogin" with the login
you were assigned when you first received your account details.
Also, keep in mind that when you configure your CGI, that
your /public_html is included in your path. For instance,
if you have a guestbook.pl script in your /cgi-bin, the exact
physical path to that file is:
/home/yourlogin/public_html/cgi-bin/guestbook.pl
Whats the correct path to perl?
Before a cgi script will work certain modifications must be
made to them. Certain paths must be specified in some scripts.
After the "#" in the first line of the perl script,
the path to perl must be specified. /usr/bin/perl should suffice
for this path. Below is a printout of a "whereis perl"
from our system.
perl: /usr/local/bin/perl
What is the path to send mail?
Another program that needs to be specified in many scripts
is sendmail. This is located at
/usr/lib/sendmail
What is SSI?
Server Side Includes
When using a UNIX system it is sometimes necessary to enable
certain HTML files executable for the purpose of using SSI.
Server Side Includes are often used to run a cgi script. An
include is called with an example such as this: After you
insert your include, you must mark the HTML file as executable
so the server will parse the file.
Rename the file to .shtml: On our server any file name .shtml
will be parsed. So instead of having an index.html file, you
would name it index.shtml. This is the easiest way of enabling
includes.
Reasons for Using SSI
SSI is often used to include something into an HTML page.
You can insert the contents of one HTML page into another
page. An example of a practical usage for this would be to
include your e-mail address at the bottom of each page. If
you do this as an include, then when your e-mail address changes,
you will only have to update it on one page and not your entire
web site. Another usage is to call cgi scripts into action.
Many counters, clocks, and other scripts are called using
SSI. The command used will most likely be provided in the
documentation of your cgi script.
PLEASE do not use the .shtml extension on "all"
of your web pages unless it's absolutely necessary. With a
busy web site, this means that every page must be executed,
as opposed to just read. This as you can appreciate, can add
considerable memory and CPU load to the system. As always,
read the instructions that came with your script carefully.
They should provide specific instructions on how to
configure the script, as well as the SSI tag.
Why doesn't my CGI work?
Make sure when you upload the CGI file DO NOT upload in binary
mode, instead use ASCII mode. Uploading in binary will cause
the server not to recognize the scripts as executables. Most
FTP clients will upload .pl or .cgi files in binary mode by
default so you will need to change this. You will need to
upload the scripts into your cgi-bin directory for security
reasons, however they will execute from anywhere within your
account. The last step is to set the file permissions. This
is otherwise known as chmoding and can be done from most FTP
clients. For specifics on chmoding you can refer to our "chmoding
files" help section.
Understanding File Permissions
There are a number of file permissions, which can be used for a variety of different purposes, however we'll limit this tutorial to the ones most commonly used. To begin with, it's important you understand the three categories of permissions, which are:
Owner Permissions:
The owner is you. In most cases, this is not so much of a concern, as you can only obtain owner permissions in one of two ways. 1. FTP into your account using your Username and Password. 2. Login via Telnet with the same information.
Group Permissions:
The represents a group of users who have access to a particular directory. For example, a password protected directory, whereas only members can access it upon providing the correct Username and Password. In this case, any permissions you assign to "Group" would be applicable to users with access to that particular directory.
Public Permissions:
This is the most important one of all. Public permissions determine what your world wide visitors can and cannot do with your files. ALWAYS make sure you understand what a particular permission does before assigning it to a file. If not, you may wakeup to find your website demolished by some clown who was snooping about and gained access to your files.
Setting File Permissions:
To set file permissions:
1. Login with your FTP client
2. Open the directory where the file you wish to set permissions on resides
3. Right click on the file and select CHMOD
A box similar to the one above will appear
Observe how you can "select" the individual permissions you want, or simply enter the 3 digit number if you know what it is. Most instructions included with downloaded scripts will tell indicate this to you.
By default, all files uploaded to the server automatically have permissions set to 644. The setting 644 is relatively safe, as it provides "Read" and "Write" access to the owner, while limiting the rest of the public to "Read Only" access.
When setting permissions for cgi scripts, the most common permissions setting is 755. 755 allows the owner "Read and Write" access, while allowing the Group and Public "Read and Execute" permissions. So what are we actually saying? In short, when users access your cgi script, the server has been instructed to grant them permissions to "Read and Execute" it. Sound scary? It's not actually…
Remember that a script is a program that must be processed by the server. As long as the script is written properly, you can safely allow users to execute it, and thus providing the desired results. For example, if they wanted to post a message to your wwwboard discussion forum, then they would need these permissions to execute wwwboard.pl, which would write their new message to an html file, which is displayed on the main forum. The new message would reside in a directory on your site so other users could view it. Most cgi, perl and other scripts you'll Most cgi, perl and other scripts you'll be installing come complete with instructions telling you which permissions you'll need to set them to.
CHMOD general info
When using a UNIX system it is sometimes necessary to change
file permissions. This is done using the CHMOD command. There
are two different ways to chmod a file.
Certain FTP clients such as Cute FTP and WS/FTP Pro allow
for a chmoding directly within FTP. To do this you would highlight
the file that you want to use, and select from the command
menu "change file permissions." There is on option
for "manual." This is where you will enter the desired
CHMOD. Many other FTP clients will support CHMODing as well,
we recommend checking the documentation.
Reasons for CHMODING
CHMODing files can be done for a variety of reasons. You can
CHMOD files to do things such as: mark them executable, give
them write permission, restrict access to them, and a variety
of other reasons. It is important to note that chmoding is
nearly impossible to avoid. If you are trying to run a certain
cgi script it could require execute permissions on the script
itself, write permissions on a directory, and read on an informational
page. Your cgi scripts should contain the proper documentation
to inform you of the proper CHMOD's.
List of CHMOD's and what they mean.
chmod 777 filename The file is available for Read, Write,
and Execute for the owner, group, and world.
chmod 755 filename The file is available for Read, Write,
and Execute for the owner; and Read and Execute only for the
group and world.
chmod 644 filename The file is available for Read and Write
for the owner, and Read only for the group and world.
chmod 666 filename The file is available for Read and Write
for the owner, group, and world. I wonder if the 666 number
is just a coincidence. Anybody can create havoc with your
files with this wide-open permission mask.
WARNING!
Setting permissions on files is a relatively simple task,
however MAKE SURE you fully understand what it is you're allowing
the public to do with your files. For example, some less experienced
users often make the fatal mistake of simply setting ALL of
their files to 777. While 777 will automatically allow executing
privileges, it also allows full "READ, WRITE, and EXECUTION
ability to the entire world!!!!
This is how web sites get hacked! While most visitors have
good intentions, all it takes is one person whom snoops about
your files seeking an "Open Back Door." This could
result is them gaining full access to your directories, which
means they can do anything from deleting your entire site,
to defacing it with obscenities.
New to cgi? Here is a page with questions and answers to numerous
questions evolving around the inns and outs of using cgi within
your scripts: http://www.w3.org/Security/Faq/www-security-faq.html
What is SSL?
Secure Socket Layers provide a means for submitting encrypted
data via the web. SSL works based upon a public key / certificate
system. As data is transmitted it is encrypted into 40 bit
encryption and the web server then decrypts the data once
it is transmitted. In the rare occasion that the data was
stolen during the transmission process the only data that
they would be would be encrypted which means that viewing
it would show nothing but letters, numbers, and symbols randomly
mixed.
How dose SSL work?
In order for this process to work without many warning messages
from IE and Netscape about possible security hazards a certificate
must be obtained from a trusted source. A certificate is only
good for one domain name.
How do I add this feature?
If you would like to enable SSL on your account contact us
and ask to take advantage of this feature. If you would like
to have your own certificate installed so that customers can
navigate your site via https://www.yourdomain.com you
will have to purchase your own certificate and have us generate
a key request and install it on the server. We recommend using
Thawte for this purpose. Once you have the key from thawte,
we will install it for you.
(Plese note there is a $25.00 one time fee to install your
Personal SSL Certificate.)
You have to order one of our plan with dedicated IP!
|
Copyright © 2001-2004, "Net F. G., LLC"
| Terms of service |
Contact us |
Support 
