Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

Perl and web site security

Looking for alternative to apache .htpasswd



12:06 am on Dec 14, 2005 (gmt 0)

10+ Year Member

My web sites rely on apache's .htpasswd files to restrict access to protected pages. I'm rewriting my pages and need a security solution that can be implemented in perl. Can anybody recemmend a place where I can read up on implementing security in the perl/CGI scripts?

My web pages use SSI to call perl scripts which generate dynamic data in certian areas of the page. I need to be able to include security mechanisms into the perl scripts so I don't accidenty allow a non-authorized user to get protected information.

Just looking for some examples of perl-based login routines and how to track the session etc.


12:27 am on Dec 14, 2005 (gmt 0)

10+ Year Member

Check CPAN. There are many modules that handle this type of thing.

Myself, I rolled my own user authentication object that encapsulates sessions, cookies, userids, database access, etc. It's built upon several available CPAN modules. Then I simply call it wherever I want pages to be password protected.


4:15 am on Dec 20, 2005 (gmt 0)

5+ Year Member

I'd recommend sticking with .htpasswd type authentication if you can. It's far more robust and comprehensive. Tied in with a database-backed auth mechanism, you should be able to do everything a script-driven authentication mechanism would (session expiries etc) and more. Just my 2 seconds' worth...

Featured Threads

Hot Threads This Week

Hot Threads This Month