June 3, 2020 8:24 AM, "David C. Rankin" <drankinatty@suddenlinkmail.com
wrote:
All / Maxime,
With the nut build option setting:
--with-cgipath=/usr/share/nut/cgi \
when using apache with the default /srv/http/cgi-bin location, how are you supposed to access the cgi files in /usr/share/nut/cgi "Safely"?
I have the entire /usr/share/nut/html directory protected by a dbm database file manipulated with dbmmanage, so to reach the <Directory> you must authenticate. That said, the only way I can make the cgi scripts work is by setting Options FollowSymLinks in the <Directory> for "/srv/http/cgi- bin" after symlinking (e.g. ln -s /usr/share/nut/cgi /srv/http/cgi- bin/nut)
Is this safe? Is this intended way to provide access to the cgi scripts?
-- David C. Rankin, J.D.,P.E.
Hi David, I haven't used apache in years so please take this with a grain of salt. On nginx I'm using the alias directive, restricting access to the upsset.cgi to my local network [0], as suggested by the nut documentation in /etc/upsset.conf. It seems apache has a similar alias directive so you may be able to achieve the same without using any symlink [1]. [0] https://paste.xinu.at/BNUJFeuBycXUw8fB/ [1] https://httpd.apache.org/docs/2.4/mod/mod_alias.html#alias Cheers, -- Maxime