Can one enable Apache XBitHack?

1 files changed, 6 insertions, 0 deletions

diff --git a/doc/forum/Apache_XBitHack.mdwn b/doc/forum/Apache_XBitHack.mdwn
new file mode 100644
index 000000000..9cadc73e1
--- /dev/null
+++ b/doc/forum/Apache_XBitHack.mdwn
@@ -0,0 +1,6 @@
+I'd like to be able to use the Apache XBitHack to enable Server Side Includes on my site.  Yes, it is possible to enable SSI by setting the page extension to .shtml, and that is what I am doing at the moment.
+However, the disadvantage of this approach is that the server does not give a LastModified header, which means that the content can't be cached.  However, the way that I am using SSI is such that the main content of the page really is "last modified" when the page was last modified, so I'd like to be able to indicate that.  And using the XBitHack - that is, setting the executable bit on the generated page - would enable me to do that.
+
+I gather from the [[security]] page that having the executable bit set on files is considered a security hole, but how big a hole would it be if I'm the only one editing the site?  Is there a way, a somewhat safe way, of implementing XBitHack for IkiWiki?
+
+-- [[KathrynAndersen]]