Say I have a directory called cgi, which houses scripts called by .shtml pages. Of course, those scripts are run by the Apache server itself.
For security reasons, I do not want any user to be able to go to www.mywebsite.com/cgi
and see all my scripts.
If I password protect the directory, then the server cannot execute any of my SSId CGI files in that directory.
How can I prevent users from going to that directory, while at the same time getting my server to execute those server-side-includes?
I'd like a better answer than "just put an index.html file in that directory," as I'm sure that isn't the most secure thing to do.