Secure URL

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
namitjung
Forum Commoner
Posts: 42
Joined: Mon Jun 20, 2005 3:17 am

Secure URL

Post by namitjung »

hi all,

I am seeing this type of url very frequently.

https://www.somthing/one/cgi-bin/webscr ... le-address

Here no one will know which server side scripting is used for this.

Now i want to use my php code (while posting my forms) in that way. How can i do it? I mean just passing variables and values, how would a server know which file to use?

is there any resources for that

Thanks in advance

Namit Thapa
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

SSL, for one is needed (at least to duplicate the url you posted). ForceType or mod_rewrite rules can perform the mapping to a file.
namitjung
Forum Commoner
Posts: 42
Joined: Mon Jun 20, 2005 3:17 am

I didn't get

Post by namitjung »

Thank You for you reply,

But i didn't get what you say?Can You explain it more?Is there any website which can provide online tutorial about this?

About ssl i had already obtainned ssl from versigin and installed it on my machine.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

User avatar
dbevfat
Forum Contributor
Posts: 126
Joined: Tue Jun 28, 2005 2:47 pm
Location: Ljubljana, Slovenia

Post by dbevfat »

I don't think that's php, I'm guessing cgi-bin are some cgi binary scripts, but, as posted, with mod_rewrite you should at least be able to use similar urls.
namitjung
Forum Commoner
Posts: 42
Joined: Mon Jun 20, 2005 3:17 am

Thank You feyd

Post by namitjung »

Thank You feyd,

Since i am using IIS till now, i can't modify .htaccess file.So I will install Apache and will try to rewrite an engine for that.

Thank you once again
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

feyd wrote:ForceType or mod_rewrite rules can perform the mapping to a file.
why wouldn't MultiViews suffice?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I never said it couldn't ;)
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

You can actually use PHP for CGI scripts... it just doesn't make as much sense :)
You can change the extensions that Apache handles with PHP.
You can use mod_rewrite.

But on a standard HTTP server like Apache... (maybe this can be turned off), the HTTP headers contain information which states the content is powered by PHP.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

d11wtq wrote:But on a standard HTTP server like Apache... (maybe this can be turned off), the HTTP headers contain information which states the content is powered by PHP.
http://php.net/ini.core#ini.expose-php

;)
Post Reply