RE: [cgiwrap-users] cgiwrap and PHP
Brought to you by:
nneul
Menu
▾
▴
RE: [cgiwrap-users] cgiwrap and PHP
|
From: Gary W. <gw...@pl...> - 2005-03-17 17:03:19
|
But surely that just disables the security checks which I wanted to keep in? Is that the only way? On Thu, 2005-03-17 at 09:52 -0600, Neulinger, Nathan wrote: > Rebuild the PHP interpreter without force-cgi-redirect. > > -- Nathan > > ------------------------------------------------------------ > Nathan Neulinger EMail: nn...@um... > University of Missouri - Rolla Phone: (573) 341-6679 > UMR Information Technology Fax: (573) 341-4216 > > > > -----Original Message----- > > From: cgi...@li... > > [mailto:cgi...@li...] On Behalf > > Of Gary Wilson > > Sent: Thursday, March 17, 2005 9:21 AM > > To: cgi...@li... > > Subject: [cgiwrap-users] cgiwrap and PHP > > > > Hi all! > > > > I am facing a problem which on the face of it could have more than one > > solution, I wish to use PHP in CGI mode (not CLI mode) because PHP in > > CGI mode offers a few features/checks to make it a little more secure > > than offering access to the CLI version. However, when using it in > > conjunction with cgiwrap, the following appears: > > > > __quote__ > > Security Alert! The PHP CGI cannot be accessed directly. > > > > This PHP CGI binary was compiled with force-cgi-redirect enabled. This > > means that a page will only be served up if the REDIRECT_STATUS CGI > > variable is set, e.g. via an Apache Action directive. > > > > For more information as to why this behaviour exists, see the manual > > page for CGI security. > > > > For more information about changing this behaviour or re-enabling this > > webserver, consult the installation file that came with this > > distribution, or visit the manual page. > > __end quote___ > > > > I can solve this by going to the CLI version, or by trying to > > incorporate an Action directive in my virtualhost before my > > rewrite rules (investigating this idea next), but I was wondering what > > are others' experiences of PHP and cgiwrap? What is the "best" > > solution to this (meaning most secure)? > > > > Many thanks > > > > GW > > > > > > > > ------------------------------------------------------- > > SF email is sponsored by - The IT Product Guide > > Read honest & candid reviews on hundreds of IT Products from > > real users. > > Discover which products truly live up to the hype. Start reading now. > > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > > _______________________________________________ > > cgiwrap-users mailing list > > cgi...@li... > > https://lists.sourceforge.net/lists/listinfo/cgiwrap-users > > > > > |
