When my WHM creates a new account it puts their cgi-bin directory in their public_html directory. Is there any way to modify the setup so it will put it in the directory above this? Allowing public access to this directory and allowing cgi scripts to be run anywhere seems like a security risk. I've always done this and used an alias to point to the cgi directory location.
Any thoughts?
:confused:
Full Version: cgi-bin Directory
It is my understanding that you can run CGI type scripts in any directory. The cgi-bin is just there because that is the "standard" way of doing things. You should be able to create a directory up one directory and make use of CGI stuff there. Just inform all your scripts where the directory is in their configurations and you should be fine.
Emrys is correct, any cgi w/ a chmod of 755 is executable (by nature) and will be parsed.
if you put cgi scripts in a web inaccessible area, how would you then execute them? I can understand totally for maybe pure data or such, but not the executables.
i'd just make a data dir in the main dir, and put my executables in the cgi-bin, and make sure i configure the script correctly to find the data for the script in ../../data
hope this helps.
if you put cgi scripts in a web inaccessible area, how would you then execute them? I can understand totally for maybe pure data or such, but not the executables.
i'd just make a data dir in the main dir, and put my executables in the cgi-bin, and make sure i configure the script correctly to find the data for the script in ../../data
hope this helps.
Hi,
CGI programs are often restricted to ScriptAlias'ed directories for security reasons. In this way, administrators can tightly control who is allowed to use CGI programs. However, if the proper security precautions are taken, there is no reason why CGI programs cannot be run from arbitrary directories.
you may wish to use a .htaccess file to permit the execution of CGI programs in a particular directory. This may be implemented with the following configuration:
Options +ExecCGI
AddHandler cgi-script cgi pl
Alternately, if you wish to have all files in the given directory be considered to be CGI programs, this may be done with the following configuration:
Options +ExecCGI
SetHandler cgi-script
Note that AllowOverride Options must be in effect for these directives to have any effect.
best of luck
CGI programs are often restricted to ScriptAlias'ed directories for security reasons. In this way, administrators can tightly control who is allowed to use CGI programs. However, if the proper security precautions are taken, there is no reason why CGI programs cannot be run from arbitrary directories.
you may wish to use a .htaccess file to permit the execution of CGI programs in a particular directory. This may be implemented with the following configuration:
Options +ExecCGI
AddHandler cgi-script cgi pl
Alternately, if you wish to have all files in the given directory be considered to be CGI programs, this may be done with the following configuration:
Options +ExecCGI
SetHandler cgi-script
Note that AllowOverride Options must be in effect for these directives to have any effect.
best of luck
I tryied to config this at the httpd.conf
I uncomment the line
AddHandler cgi-script .cgi and added de line AddHandler cgi-script .pl to treat the perl files as scripts
at the OPTIONS i added ExecCGI
restarted httpd
Ii even added "AddType application/x-httpd-cgi .cgi" to the srm.conf file (I deleted this line after checked it doesn't work either)
But it's still doesn't work.
Keeps giving a 500 error
Any ideas?
BTW: Where is the server error log (or at least the default location)? I'm new, new box too.
I uncomment the line
AddHandler cgi-script .cgi and added de line AddHandler cgi-script .pl to treat the perl files as scripts
at the OPTIONS i added ExecCGI
restarted httpd
Ii even added "AddType application/x-httpd-cgi .cgi" to the srm.conf file (I deleted this line after checked it doesn't work either)
But it's still doesn't work.
Keeps giving a 500 error
Any ideas?
BTW: Where is the server error log (or at least the default location)? I'm new, new box too.
have the answer...
the prob was that I did it as root.
chown and chgroup to the adminXX and works great
the prob was that I did it as root.
chown and chgroup to the adminXX and works great
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.