The Perl script
I have a Perl script running on an old Debian 9 server (until I move to a new server) that opens an editable pane in an .shtml file, accepts only Creole markup input from a single user, and writes to two user-editable .shtml files and makes a backup copy of each when saving the edited .shtml file. The .shtml file permissions are
After editing, the non-tech-savvy user has to enter a password to trigger the script, and (in the unlikely event that he’d ever do this) ‘script’ tags come out in plain text.
Before switching servers these used to run under
suEXEC (which I did not set up and don’t want to use), but they now need the permissions change to run.
The writable files
The two editable .shtml files are SSI with the virtualHost block set to
There is no .htaccess file in the user’s
public_html directory, the only other user only ever makes simple HTML edits and has no other knowledge, I manage the scripts in the
cgi-bin above the
public_html folder, and all files in the user directory are owner/group username.
My questions, taking into account the above:
- is there anything I should beware of if the files permissions are
- what else could I do to further secure such an old Debian server for now?
I’ve considered changing the server port from 22 to something much higher, which I’ve done on another server, but for a couple of sites running on this old one I have no access as yet to their DNS or remote login settings, so it isn’t yet an option. Like many people, I’m not really a server admin, but have to maintain things as my co-dev died.