What is a cgi-bin directory?
Question: What is the purpose of a cgi-bin directory?
Answer: CGI programs running on a server must be executable. While this allows the user to run server-side scripts, including convenient free ones found on the web, it also presents a security risk. Most virtual hosting situations restrict execution of Perl scripts (and possibly other types) to one directory, usually called cgi-bin.
By doing this, scripts can be regulated from having access to the rest of the server, and users will not have to worry about setting the same type of restrictions on other directories. Attackers will always be limited in the amount of damage they could do with invasive scripts.
Apache HTTP Server does not enable CGI by default. If your web hosting provider has not enabled CGI, ask them to see if it can be enabled. For information about enabling it on your own server, see this site.
Photo Source: Flickr
Tag: apache, cgi, cgi-bin, scripts, security, server
Keep Your Website Safe from Hackers
Question: How do I keep my hosting account from being hacked?
Answer:
1. More than anything else, it is important to keep your passwords secret and unique. No one else should have your password, not even your web host. If someone emails you pretending to be your web host or other authority and asks you for your password, do NOT believe it. Contact your web hosting company and let them know about the email. Also, make your password difficult to guess. Try to use a mixture of letters and numbers rather than a real word.
2. Always keep your personal computer clean from viruses and perform all of your security updates. Chances are, if you are infected with malware or a botnet, it will seek out the computers you connect to first, starting with your server.
3. Always keep third-party scripts and software up to date. This is crucial. You could have taken all other precautions, but if your shopping cart or forum has an unpatched security hole, you are in for a hurting — something that could affect your entire server and be grounds for account suspension.
4. Make sure that none of your files have world-writable permissions. In Linux, this means 777. In a file manager or FTP program, it might look like “-rwxrwxrwx”. Files should be either 755 (only for executable files, when a script requires it) or 644 (writeable only to you and read-only to everyone else). Those will look like “-rwxr-xr-x” and “-rw-r–r–”.
Photo: SXC
Tag: botnet, malware, password, permissions, scripts, web hosting
Installing Scripts and Software
Question: How do I install scripts and software on my shared hosting account?
Answer: A lot of that depends on the type of shared hosting account you have. If you have a Linux account, you should check with your provider to see what packages are available to you. Most will include PHP, Perl (CGI), and in some cases Java server (Tomcat).
Chances are, your web hosting provider will also include easy install scripts in your hosting plan. Check the features page of your hosting plan to see what is available. Then, you should also check your control panel to see if you can install software from there. Many web hosts include content management systems, e-commerce shopping carts, and even photo galleries.
If you still cannot find what you are looking for from your web host, you will need to make sure whatever script you want to install is compatible. Make sure you have the right version of PHP and MySQL or Perl and whatever requirements go along with it. The other thing you will need to keep in mind is that updates will be your responsibility. Some software, like WordPress, can be updated within the backend rather easily. Others will require more work.
Photo: Flickr
Tag: e-commerce, linux, mysql, perl, php, scripts, software, web hosting
Finding good free scripts for your website
A good web hosting company often provides its website owners with automatically installable scripts for various popular tasks: blogging, photo albums and e-commerce, to name a few. In some special situations, however, it becomes necessary for a webmaster to search for free, reliable scripts on the web. Whether they are Perl, PHP, or ASP scripts, there are some good places to look.
Hotscripts. Hot Scripts is one of the older more well-known script repositories. It provides links, ratings, categories and annotations of thousands of Javascript, C, PHP, Flash, ASP, CGI, Python, and other scripts. This site lists both free and commercial scripts.
PHP Resource index. Another well-known and trusted site, PHP Resource Index lists both free and commercial scripts, allowing users to vote and comment on them. It currently has around 4,000 scripts indexed. Its sister site, CGI Resource Index, lists Perl and CGI scripts.
There are many other script indexes and repositories. Whichever ones you choose, it is important to be mindful of security, not just of your own website but of the entire web server. You will be responsible for installing any updates to your scripts and making sure they are secure. It is also important to understand that you, not your web host, must make the scripts work since you acquired them from third parties.
Photo: Flickr
Tag: asp, c, cgi, flash, hosting, javascript, perl, php, python, scripts, websites