OpenBSD has a nice feature called httpd chroot. The impact of this is that httpd creates a jail in /var/www/ for the httpd server. This means that all libraries that httpd uses must be accessible from within the jail. This means we could copy everything that qmailadmin, vpopmail, vqadmin and squirrelmail uses into /var/www/, or just turn off the chroot. It's not so secure to run it without the chroot, but I've not seen a bug in the OpenBSD webserver for some time, so let's just get on with it. vi /etc/rc.conf change httpd_flags=NO to httpd_flags="-u" Now lets compile vqadmin cd /downloads/qmailrocks/ tar zxvf vqadmin-2.3.6.tar.gz cd vqadmin-2.3.6 ./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/htdocs configure should report something similar to this: Current settings --------------------------------------- vpopmail directory = /home/vpopmail uid = 1008 gid = 1003 cgi-bin dir = /var/www/cgi-bin vqadmin dir = /var/www/cgi-bin/vqadmin mysql features = disabled If this is the case lets get on with the compile make && make install-strip We must now add the vqadmin directive to Apache and create a htpasswd file. vi /var/www/conf/httpd.conf deny from all Options ExecCGI AllowOverride AuthConfig Order deny,allow cd /path/to/your/cgi-bin/vqadmin Now you will want to create a .htaccess file to password protect the Vqadmin interface. There should already be a .htaccess file in the vqadmin directory, so all you need to do is configure it. vi .htaccess AuthType Basic AuthUserFile /path/to/where/you/want/to/store/the/password/file/.htpasswd AuthName vQadmin require valid-user satisfy any htpasswd -bc /path/to/where/you/want/to/store/the/password/file/.htpasswd admin admin_password chmod 644 /path/to/where/you/want/to/store/the/password/file/.htpasswd When you go to http://localhost/cgi-bin/vqadmin/vqadmin.cgi you should get a login box. Just login with the htpasswd settings you used earlier and you should get a nice blue screen.