Do you have a question? Post it now! No Registration Necessary. Now with pictures!
August 9, 2006, 5:14 am
rate this thread
Originally posted this query in ciwah.cgi but no response, so sorry
if it is a little off-topic here:
I have setup a simple online 'contact' form on my site and I am not
sure if I have done this as securely as possible.
1. I am using nms Formmail: the recipient email address is in the
script and not in the html form
2. I have dropped an .htaccess file in the cgi-bin directory that
says: Options -Indexes to stop directory browsing.
3. I have renamed the script from FormMail.pl to xxxxxxxx.pl and given
the directory an anonymous name.
My only concern is that the script file can still be identified and
potentially read and therefore the email address for recipient
Is there more I should be doing to secure the script and the cgi
Thanks for any answers to my (ignorant) question,
PS Apache server