apache: password protect a cgi-bin app?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












I have a CGI application that takes action as soon as it's loaded. Unfortunately, google's bots found it and they are ignoring the norobots, so the actions are being triggered at random times. So I want to password protect the CGI code. I don't want the cgi-bin script to handle the passwording - I want Apache to do it before the script runs.



I can't see how to do this? Apache finds cgi-bin via a ScriptAlias. There's no Directory tag to set an AuthType on. Creating a directory for the script and handling it with <Directory> doesn't run it as a script.



Is there a trick to this?










share|improve this question























  • Um... dropping a downvote is fine, but how about some text explaining what the problem is? I'm not an apache guru. I don't know my way around apache2.conf and the comments in it don't explain how to do this.
    – user15001
    Sep 3 at 2:19






  • 2




    You can use a Location tag to do what you want. See here - serverfault.com/questions/127708/…
    – slm♦
    Sep 3 at 2:58










  • Google respects the robots.txt convention, so you might like to check your version of this file.
    – meuh
    Sep 3 at 8:10














up vote
1
down vote

favorite












I have a CGI application that takes action as soon as it's loaded. Unfortunately, google's bots found it and they are ignoring the norobots, so the actions are being triggered at random times. So I want to password protect the CGI code. I don't want the cgi-bin script to handle the passwording - I want Apache to do it before the script runs.



I can't see how to do this? Apache finds cgi-bin via a ScriptAlias. There's no Directory tag to set an AuthType on. Creating a directory for the script and handling it with <Directory> doesn't run it as a script.



Is there a trick to this?










share|improve this question























  • Um... dropping a downvote is fine, but how about some text explaining what the problem is? I'm not an apache guru. I don't know my way around apache2.conf and the comments in it don't explain how to do this.
    – user15001
    Sep 3 at 2:19






  • 2




    You can use a Location tag to do what you want. See here - serverfault.com/questions/127708/…
    – slm♦
    Sep 3 at 2:58










  • Google respects the robots.txt convention, so you might like to check your version of this file.
    – meuh
    Sep 3 at 8:10












up vote
1
down vote

favorite









up vote
1
down vote

favorite











I have a CGI application that takes action as soon as it's loaded. Unfortunately, google's bots found it and they are ignoring the norobots, so the actions are being triggered at random times. So I want to password protect the CGI code. I don't want the cgi-bin script to handle the passwording - I want Apache to do it before the script runs.



I can't see how to do this? Apache finds cgi-bin via a ScriptAlias. There's no Directory tag to set an AuthType on. Creating a directory for the script and handling it with <Directory> doesn't run it as a script.



Is there a trick to this?










share|improve this question















I have a CGI application that takes action as soon as it's loaded. Unfortunately, google's bots found it and they are ignoring the norobots, so the actions are being triggered at random times. So I want to password protect the CGI code. I don't want the cgi-bin script to handle the passwording - I want Apache to do it before the script runs.



I can't see how to do this? Apache finds cgi-bin via a ScriptAlias. There's no Directory tag to set an AuthType on. Creating a directory for the script and handling it with <Directory> doesn't run it as a script.



Is there a trick to this?







apache-httpd password






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 3 at 2:54









slm♦

239k65494665




239k65494665










asked Sep 3 at 1:58









user15001

363




363











  • Um... dropping a downvote is fine, but how about some text explaining what the problem is? I'm not an apache guru. I don't know my way around apache2.conf and the comments in it don't explain how to do this.
    – user15001
    Sep 3 at 2:19






  • 2




    You can use a Location tag to do what you want. See here - serverfault.com/questions/127708/…
    – slm♦
    Sep 3 at 2:58










  • Google respects the robots.txt convention, so you might like to check your version of this file.
    – meuh
    Sep 3 at 8:10
















  • Um... dropping a downvote is fine, but how about some text explaining what the problem is? I'm not an apache guru. I don't know my way around apache2.conf and the comments in it don't explain how to do this.
    – user15001
    Sep 3 at 2:19






  • 2




    You can use a Location tag to do what you want. See here - serverfault.com/questions/127708/…
    – slm♦
    Sep 3 at 2:58










  • Google respects the robots.txt convention, so you might like to check your version of this file.
    – meuh
    Sep 3 at 8:10















Um... dropping a downvote is fine, but how about some text explaining what the problem is? I'm not an apache guru. I don't know my way around apache2.conf and the comments in it don't explain how to do this.
– user15001
Sep 3 at 2:19




Um... dropping a downvote is fine, but how about some text explaining what the problem is? I'm not an apache guru. I don't know my way around apache2.conf and the comments in it don't explain how to do this.
– user15001
Sep 3 at 2:19




2




2




You can use a Location tag to do what you want. See here - serverfault.com/questions/127708/…
– slm♦
Sep 3 at 2:58




You can use a Location tag to do what you want. See here - serverfault.com/questions/127708/…
– slm♦
Sep 3 at 2:58












Google respects the robots.txt convention, so you might like to check your version of this file.
– meuh
Sep 3 at 8:10




Google respects the robots.txt convention, so you might like to check your version of this file.
– meuh
Sep 3 at 8:10










1 Answer
1






active

oldest

votes

















up vote
0
down vote



accepted










<Location> turns out to be the way. It's just like <Directory> but you specify a url path not a filesystem path, so /cgi-bin/particularScript is the thing to use.



In my experience, norobots.txt gets ignored if Google finds your page via bookmarks in someone's Google account. It decides to crawl it regardless. I know that's how it found it because there are no public links to the page in question; it was a privately provided url and Google didn't visit it until after someone bookmarked it.






share|improve this answer




















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f466477%2fapache-password-protect-a-cgi-bin-app%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    0
    down vote



    accepted










    <Location> turns out to be the way. It's just like <Directory> but you specify a url path not a filesystem path, so /cgi-bin/particularScript is the thing to use.



    In my experience, norobots.txt gets ignored if Google finds your page via bookmarks in someone's Google account. It decides to crawl it regardless. I know that's how it found it because there are no public links to the page in question; it was a privately provided url and Google didn't visit it until after someone bookmarked it.






    share|improve this answer
























      up vote
      0
      down vote



      accepted










      <Location> turns out to be the way. It's just like <Directory> but you specify a url path not a filesystem path, so /cgi-bin/particularScript is the thing to use.



      In my experience, norobots.txt gets ignored if Google finds your page via bookmarks in someone's Google account. It decides to crawl it regardless. I know that's how it found it because there are no public links to the page in question; it was a privately provided url and Google didn't visit it until after someone bookmarked it.






      share|improve this answer






















        up vote
        0
        down vote



        accepted







        up vote
        0
        down vote



        accepted






        <Location> turns out to be the way. It's just like <Directory> but you specify a url path not a filesystem path, so /cgi-bin/particularScript is the thing to use.



        In my experience, norobots.txt gets ignored if Google finds your page via bookmarks in someone's Google account. It decides to crawl it regardless. I know that's how it found it because there are no public links to the page in question; it was a privately provided url and Google didn't visit it until after someone bookmarked it.






        share|improve this answer












        <Location> turns out to be the way. It's just like <Directory> but you specify a url path not a filesystem path, so /cgi-bin/particularScript is the thing to use.



        In my experience, norobots.txt gets ignored if Google finds your page via bookmarks in someone's Google account. It decides to crawl it regardless. I know that's how it found it because there are no public links to the page in question; it was a privately provided url and Google didn't visit it until after someone bookmarked it.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Sep 6 at 0:57









        user15001

        363




        363



























             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f466477%2fapache-password-protect-a-cgi-bin-app%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?