I've a stupid problem which I'm unable to solve.

I'm using sqwebmail and qmailadmin and therefore I've created aliases for having them in a nice url:

ScriptAlias /mailadmin /var/www/cgi-bin/qmailadmin
Alias /images/qmailadmin/ /var/www/html/images/qmailadmin/

ScriptAlias /mail /var/www/cgi-bin/sqwebmail3/sqwebmail
Alias /webmail3/ /var/www/html/webmail3/

Do I have to add this lines into every single virtual host or is there a more elegant way to define them globally?

Do you think this two features could be a security hole? Shall I use .htaccess and .htpasswd? Any other recommendation regarding security?

thanks a lot!

If you add them to the global config, they will only work on the "primary domain". So yes, unfortunately you will ned to add those lines to each VH. I don't know anything about these programs, so I can't speak for their security.

-Dan

That's not correct, as you can declare global aliases and global script aliases. That will work for all user's, and you will not have to add it to each and every single virtual host block. When in doubt, try and and see next time, it won't hurt anything (usualy, unless you do specify a path you ought not to, or worse -- so it's good to ask though) and you can always revert back to what you had before -- especially since you can indeed do this globally and simply comment out a couple of lines and restart the web server.

A note though, you were giving an example of:

ScriptAlias /mailadmin /var/www/cgi-bin/qmailadmin

End your path's with a trailing slash. If you do not, if might not work (although I have seen it work), and even worse and a better reason, is that if you specify it like that and if you put script aliases in the user's web root (and a lot of people do -- I wouldn't!), a web surfer can type in the ip/~username/scriptalias/filename and depending if you have global CGI or other type of file extentions or not, it'll have the potential to just display the source code. Anyway, you should specify it as:

ScriptAlias /mailadmin/ /var/www/cgi-bin/qmailadmin/

instead, for those reasons, and a few more, to make it a correct entry. Finally, keep in mind, that this might or might not work, depending on the permissions and ownership and what user those scripts need to run as to use this qmail administration script -- and if you are using some CGI wrapper, that will disallow global script access to. Just some things to keep in mind, but for most configurations, it should work. Good luck.

You are absolutely right Tim, and I don't know why I said that it wont work. The only down side to this is that it will work for all domains. So if for any reason you don't want this available for a specific domain you're stuck with it. Also if you want to add authentication, you will have to do it globally, as opposed to having an individual password file per site that could be controlled by your domain owners.

-Dan

I suppose this is all true, and the issue I would personally have, is that no CGI wrapper could work with it, which opens up other issues that don't relate to what this user above wants to do, so I didn't mention that, but it's not a bad thing, per se anyway. I personally assume, that if some user wants to create a directory or personal script alias by the same name as the qmailadmin global script alias, that they will be happy to know it's already there anyway. What I mean is, although most people don't want to go and add in common paths and names for global script aliases (or maybe they do), that this one task at hand, doesn't appear it would cause any conflicts.

thanks a lot for your help and suggestions. I did just see that there is another problem. If I want to have an nice alias for qmailadmin, but if I add the line:

ScriptAlias /cgi-bin/ /var/www/html/domainname/cgi-bin/

qmailadmin wont work. I guess because qmailadmin is reachable by default at: /cgi-bin/qmailadmin

:( any help for this?

summary... this is what I have and it does not work. I've tryed to comment "ScriptAlias /cgi-bin/" out, and by doing so qmailadmin works.... if I comment out both (ScriptAlias and Alias) for qmailadmin my cgi-bin works but there is no nice url for qmailadmin.


ScriptAlias /mail/ /var/www/cgi-bin/sqwebmail3/sqwebmail/
Alias /webmail3/ /var/www/html/webmail3/

ScriptAlias /mailadmin/ /var/www/cgi-bin/qmailadmin /
Alias /images/qmailadmin/ /var/www/html/images/qmailadmin/

ScriptAlias /cgi-bin/ /var/www/html/domainname/cgi-bin/


thanks a lot!