Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

Perl and web site security

Looking for alternative to apache .htpasswd

12:06 am on Dec 14, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 10, 2004
votes: 0

My web sites rely on apache's .htpasswd files to restrict access to protected pages. I'm rewriting my pages and need a security solution that can be implemented in perl. Can anybody recemmend a place where I can read up on implementing security in the perl/CGI scripts?

My web pages use SSI to call perl scripts which generate dynamic data in certian areas of the page. I need to be able to include security mechanisms into the perl scripts so I don't accidenty allow a non-authorized user to get protected information.

Just looking for some examples of perl-based login routines and how to track the session etc.

12:27 am on Dec 14, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:May 23, 2005
votes: 0

Check CPAN. There are many modules that handle this type of thing.

Myself, I rolled my own user authentication object that encapsulates sessions, cookies, userids, database access, etc. It's built upon several available CPAN modules. Then I simply call it wherever I want pages to be password protected.

4:15 am on Dec 20, 2005 (gmt 0)

New User

10+ Year Member

joined:Dec 20, 2005
votes: 0

I'd recommend sticking with .htpasswd type authentication if you can. It's far more robust and comprehensive. Tied in with a database-backed auth mechanism, you should be able to do everything a script-driven authentication mechanism would (session expiries etc) and more. Just my 2 seconds' worth...

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members