Before enabling CGI access, read the "SECURITY" section of the README file.

Setting up Captrap's CGI scripts is fairly straightforward. You'll need a web
server, of course; after that, the general procedure is as follows:

1. Set up a directory alias to the Captrap CGI script directory.
2. Set "main.pl" to be run as the DirectoryIndex (or equivalent).
3. Set up access control (either host-based or some other mechanism).

Here are two examples tested with Apache 2.2. If you wish to use one, copy it
into your Apache configuration somewhere (such as
/etc/apache2/sites-available/000-default). If that doesn't make any sense to
you, consult the Apache documentation.

Also note that the Debian package puts the CGI scripts in /usr/share/captrap/,
so you may need to edit out the "/local" in the examples.

--------------------------------------------------------------------------------

Example 1:

        Alias /captrap /usr/local/share/captrap
        <Directory "/usr/local/share/captrap">
                DirectoryIndex main.pl
                Options ExecCGI
                AddHandler cgi-script .pl
                Order Deny,Allow
                Deny from all
                Allow from 127.0.0.0/8 ::1 10.0.0.2
        </Directory>

This configuration provides CGI access to localhost and a single privileged
host (10.0.0.2). Captrap is installed in /usr/local/share/captrap/.


--------------------------------------------------------------------------------
Example 2:

        Alias /ct-dev /usr/local/src/captrap/git/cgi-bin
        <Directory "/usr/local/src/captrap/git/cgi-bin">
                # DirectoryIndex main.pl
                Options ExecCGI Indexes SymLinksIfOwnerMatch
                AddHandler cgi-script .pl
                Order Deny,Allow
                Deny from all
                Allow from 127.0.0.0/8 ::1 10.0.0.2
        </Directory>

This configuration is similar to the example above, but more suitable for
Captrap development. There are three differences:
1. The location points to the Captrap source.
2. A directory index script (main.pl) is not specified.
3. Internal directory indexing and symlinks are enabled.



EOF
