Quote:
So, how are you hiding the directories? By a redirect.cgi? Thats one thing I can thing of writing location of URLs and then transfering to anathor location. I do not know about such a script or if at all this is possible. How do you manage?My site is hosted on a NT server in Denmark. I have no adminstration access over it here in Atlanta, GA. They guys there made a 403 access protetion when trying to see the content of a directory. The directory still exists, but cannot be seen. You must know the full url. As long as person knows where each file is located, they can get it. Still they cannot access my admin.cgi and other cgi scripts since I protected them, but my data files are not locked. I think that maybe the best way is to change the data files to be renamed as email.cgi and links.cgi. That way, when a person tries to access them, they will try to execute. This is what the UBB boards does for the Members directory. That means, you would have to search all of the scripts for any referrers to email.db and change them to email.cgi. Most likely you probably will miss one and it will cause problems.
I sometimes hate hotbot search engine. It spiders entire cgi directories if not protected, like my NT server cgi-bin. If you did a search for email.db, you would definitely get good results that harvesters are wanting. Do it now, and I bet you that you will find email.db on the first 10 hits. If not, I'll shut my site down
There's no excuse as to protect your cgi scripts and not your data files. If I wanted, I could easily do a full replication on sites that have their scripts protected, but not their data files. It just shows how powerful a UNIX server can be. Ignorant people will post over and over for password protection their scripts.
--
http://www.techdevelopers.com
ASP, HTML, CGI, Flash, and more!
[This message has been edited by XanthisHP (edited June 26, 1999).]
