Support / KnowledgeBase

 
Search the KnowledgeBase Search

Running scripts outside of the cgi-bin

  • Applies to: (dv) 3.5, (gs)

  • Difficulty: Medium

  • Time needed: 20 minutes

  • Tools needed: SSH, vi knowledge

 
  • Applies to: (gs)
    • Difficulty: Medium
    • Time: 20
    • Tools needed: None
  • Applies to: (dv) 3.5
    • Difficulty: Hard
    • Time: 20
    • Tools needed: SSH, vi knowledge

This article describes how to execute scripts outside of your cgi-bin using an .htaccess file.

Results

You will be able to execute CGI scripts outside of your cgi-bin. Enabling this in a web-accessible directory is slightly more insecure than limiting script execution to the cgi-bin, because if a malicious script is ever uploaded to your server, it will be more easily able to be executed.

Instructions

Add the following lines to your .htaccess file:

Filename: .htaccess

AddHandler cgi-script .cgi .pl
    
Options +ExecCGI

Then, upload the .htaccess file to the directory in which you want to enable CGI script execution, via FTP. For more information on creating and uploading .htaccess files, please click on the link.

NOTE:

You can add any file extension to the "AddHandler" line in your .htaccess file. The example is for CGI and Perl scripts.

 

If you are using this directive in your existing cgi-bin directory, the above line alone will also work.

Enable server-wide execution

You can enable server-wide processing of cgi scripts. Note that this will make your server more vulnerable if you get hacked. To do this, uncomment the cgi-script AddHandler directive in the main Apache configuration file, /etc/httpd/conf/httpd.conf.

  1. Log into your server as root or a sudo user via SSH.
  2. Open the httpd.conf file for editing: 
    
vi /etc/httpd/conf/httpd.conf

    vi tip: Press "i" to enter "insert mode" so you can type and copy/paste. Use the arrow keys to navigate. Press "Esc" to exit "insert mode" when you are done modifying the file. Type ":wq" to save and quit.

  3. Locate this line:
    httpd.conf 
    #AddHandler cgi-script .cgi

    Remove the # so that it looks like this:

    httpd.conf 
    AddHandler cgi-script .cgi
  4. Restart Apache with the following command: 
    
/etc/rc.d/init.d/httpd restart

That's it. You should now be able to execute cgi scripts anywhere on the server.

vhost.conf

You can also modify your vhost.conf file to allow execution of cgi scripts on a per-domain basis. This allows execution of cgi scripts in the httpdocs directory for a particular domain.

  1. Log into your server as root or a sudo user via SSH.
  2. Create or edit your vhost.conf file: 
    
vi /var/www/example.com/conf/vhost.conf/

    vi tip: Press "i" to enter "insert mode" so you can type and copy/paste. Use the arrow keys to navigate. Press "Esc" to exit "insert mode" when you are done modifying the file. Type ":wq" to save and quit.

  3. Add the following lines to the file and save your changes:
    vhost.conf 
    <Directory /var/www/vhosts/example.com/httpdocs>
<Files ~ (\.cgi$)>
SetHandler cgi-script
Options ExecCGI
allow from all
</Files>
</Directory>
  4. Run the following command to reload your Apache configuration files: /usr/local/psa/admin/sbin/websrvmng -av

For more information about your vhost.conf file in general, and this specific issue, see:

User Comments

No visitor comments posted. Post a comment
Fields marked with an asterisk(*) are required. Comment on this article
Fill out the form below if you would like to comment on this article.
 
 
 

(code is not case-sensitive)
 
Submit
 
Browse by Service
(gs) Grid-Service (505)
(dv) Dedicated-Virtual Server (1827)
(ve) Server (29)
ProCDN (5)
Browse by Category
Account Management (55)
Databases and MySQL (28)
DNS, Domains, and Registrations (46)
Email (73)
FTP (19)
Migrations (9)
Plesk (133)
Security and Hack Recovery (17)
Server Settings and Optimization (51)
SSH (24)
SSL Certificates (12)
Troubleshooting (66)
Web Applications (132)
 

Continue