Can I run my own CGI's on VITech's web servers?

NO! But you don't need to do so anyway. There are far better alternatives. See below.

CGI (Common Gateway Interface) suffers many shortcomings; here is a partial list:

1. inherently inefficient and awkward,
2. no built-in access control
3. difficult to write one without security concerns
4. needs the access to a web server to develop
5. needs a webmaster's collaboration to write a more complex one.

You need to know the basics of computer operating system to understand 1. Basically, the web server has to grab extra computer memory, and to perform some other choirs to run a CGI script. This is obviously not efficient and elegant.

2. is best illustrated by an examples. The following site has a CGI search utility that can be used by anyone (in a form however):

http://www.emap.com/cgi-bin/x4/whatsnew.cgi

This has a serious implication - your own CGI script(s), if not written with access control, can be used by anyone on the Internet by simply call it in a URL statement like the one above. Most people who are not knowledgeable in UNIX can't write an access control mechanism effectively, even they might know the basics of some scripting languages. Another good discussion is given in Mr. Muhammad A. Muquit's well known Counter page.

If you are a paying VITech customer, you don't want to suffer slow server performance because the server is carrying extra loads generated by someone elsewhere on the Internet using your CGIs (free of charge too!), neither we at VITech.

Furthermore, many beginning CGI script writers use the very popular but unfortunately interpreted and thus slow Perl programming language, which was designed as a UNIX system administration utility originally, but has become very popular among CGI writers due to its easy-to-learn-and-to-write-ness (not really, to be truly good, one needs to be a UNIX expert!).

CGIs are also well known as potential security holes too. As an example, a web server configured to allow user CGIs will not be able to offer good user password protection, as a simple CGI script (with just a few lines of codes) can be written to peek into every user's directory, with or without password protection!

The security tips for the well known Apache web server (derived from the original NCSA HTTPD; popular among ISPs) also discuss this aspect quite well. However, we are aware of many web presence providers intentionally violate the recommendations given in the Apache documentation, even they use the Apache server at their sites. As a side, configuring a web server software to enable such a "feature" is trivial, and is not in any sense an indication of technical superiority.

Granting users the privilege to run their own CGIs is a very BAD idea indeed. For more in depth discussion, please review the The World Wide Web Security FAQ by Dr. Lincoln Stein of MIT.

VITECH is convinced that a multi-user web site should provide a set of balanced and effective utilities for user's web presence activities. Whenever possible, such utilities should NOT be in the form of CGI scripts, rather, they should be either built right in the server software such as our direct clickable imagemap support or our well liked and advanced multiple email redirection. This is for maximizing the most important key of a web server - fast and reliable delivery.

If you do have special web presence needs, and have the desire to program, rather than stick with the awkward, inefficient CGI scripts, bug your webmaster from time to time, and be a potential cause of server's delivery performance problems (as any CGI scripts require server's CPU, memory and disk activities to run), please learn the future of the web - the far more flexible and versatile Java programming language from Sun Microsystems, Inc..

The Java language allows you to develop so called applets for various multimedia web presence activities such as animation, audio/video delivery, and many others. Applets are secure, run on client computers (thus much faster once downloaded), are platform independent, are compiled and thus more efficient than scripts. Sun has made Software Development Kits (SDK) freely available to various UNIX/PC/Mac platforms (downloadable directly from Sun's Java web site), so it costs you nothing to write Java applets either. Best, once you have written a Jave applet, and tested it on your computer, you simply upload it like a normal file (in FTP binary mode!). Your Javaing activities are completely independent from the web hosting company.

Most today's modern personal computers are very powerful and most of them are underutilized (running a word processor and probably a spreadsheet or two), why not use the abundant spare CPU cycles for executing Java applets? If you develop headaches when you hear the term "programming language", you may wish to learn and use the easier Netscape's Javascript. With the dominance of Netscape browsers, wide speard licensing of its browser technologies among large Internet players (AOL, Compuserve etc), and the fact that even Microsoft has licensed Sun's Java language, betting on Java is almost a sure win.

In conclusion, normal end users DO NOT need to know/write/install CGIs. It's totally unnecessary. An ISP who offers such a "feature" on its public multiuser web server(s) is doing its customers a big disservice.