Today someone had managed to add links and a virus to the various files the PERL script opened.
My index.cgi has permissions 755 and looks sort of like this...
#!/usr/bin/perl
##########################################################################
$name = $ENV{'HTTP_HOST'};
$browser = $ENV{'HTTP_USER_AGENT'};
$match = "no";
if ($name =~ m/ www.parked-domain-1.com /i)
{
open (FILE, 'parked-domain-1.htm');
@database = <FILE>;
close (FILE);
print "Content-type: text/html\n\n";
foreach $line (@database)
{
print $line;
print "\n";
}
}
if ($name =~ m/ www.parked-domain-2.com /i)
{
open (FILE, 'parked-domain-2.htm');
@database = <FILE>;
close (FILE);
print "Content-type: text/html\n\n";
foreach $line (@database)
{
print $line;
print "\n";
}
}
if ($name =~ m/ www.parked-domain-3.com /i)
{
open (FILE, 'parked-domain-3.htm');
@database = <FILE>;
close (FILE);
print "Content-type: text/html\n\n";
foreach $line (@database)
{
print $line;
print "\n";
}
}
if ($name =~ m/www.parked-domain-4.com/i)
{
open (FILE, 'parked-domain-4.htm');
@database = <FILE>;
close (FILE);
print "Content-type: text/html\n\n";
foreach $line (@database)
{
print $line;
print "\n";
}
}
any help truly appreciated.
open (FILE, '<parked-domain-1.htm');
#!/usr/bin/perl -T
##########################################################################use CGI qw/:standard -no_xhtml/;
$CGI::POST_MAX = 0; #no form field data will be accepted;
$CGI::DISABLE_UPLOADS = 1; # no file uploads acceptedmy $name = $ENV{'HTTP_HOST'};
#my $browser = $ENV{'HTTP_USER_AGENT'};
#my $match = "no";my %hosts = (
'www.parked-domain-1.com' => 'parked-domain-1.htm',
'www.parked-domain-2.com' => 'parked-domain-2.htm',
'www.parked-domain-3.com' => 'parked-domain-3.htm',
'www.parked-domain-4.com' => 'parked-domain-4.htm',
);
print header;
if ($name and $name =~ m/^([\w.-]+)$/) {
open (FILE, "<$hosts{$1}") or error();
print while (<FILE>);
close (FILE);
}
else {error()};sub error {
print start_html;
print "Some error meesage or whatever you want";
print end_html;
}
exit(0);
remove the -no_xhtml switch if you want xhtml otherwise the CGI module will use doctype HTML 4.01 Transitional instead of XHTML 1.0 Transitional.
