I have a simple home web server set up with Apache, but I would rather not have to install and use PHP. I was looking into scripting to deal with the basic dynamic portions of my website. However, I've heard it can be inefficient/unsafe to use bash/shell scripts in the cgi-bin directory for these purposes.
What security risks will I face using bash scripts to process POST data from an input field? What other attacks might I face if I decide to use shell scripts for my website? How can I mitigate these risks?
Is there a better way to safely and efficiently build a dynamic website? Should I not use the cgi-bin directory, and if not, what are the benefits/risks of the alternatives?