Security question

I have shored up security for how my users connect to specific areas,
but I have found that if they mouse around they can get into specific
places such as the cgi-bin areas.  Is there a way to shore up one
particular file.  Specifically the configuration file under reports
called the config report.

 
Thanks,

Aaron Kincaid