|
Posted by KEVIN ZEMBOWER on 09/06/05 17:44
I'm trying to allow php scripts to execute from the /cgi-bin/ directory, which is currently set up as a ScriptAlias in my Apache2 configuration. I've found lots of references to this, but there seems to be a couple of different ways to accomplish this, and I can't tell which one is recommended or safest. There seems to be lots of security risks associated with some of the solutions proposed.
I'm using Debian woody. This was working under Apache 1, but somehow upgrading to Apache 2 broke it, and I haven't been able to fix it.
I've found solutions involving changing the ScriptAlias directory to just an Alias, with ExecuteCGI turned on in the Apache2 configuration. I've also found adding an alias to the php4 executable in the cgi-bin directory and adding an Action and AddHandler to the configuration, but I wasn't able to get this working. I get the sense that changing the SafeMode section of /etc/php4/apache2/php.ini is the recommended, safest way, but I haven't been able to find any cookbook-style directions on what to change to allow the execution of the php scripts from /cgi-bin/.
Can anyone help me get this set up? Searching the archives of this list produced some information that seemed contradictory and I couldn't understand which methods were recommended.
Thank you for your help and advice.
-Kevin Zembower
-----
E. Kevin Zembower
Internet Systems Group manager
Johns Hopkins University
Bloomberg School of Public Health
Center for Communications Programs
111 Market Place, Suite 310
Baltimore, MD 21202
410-659-6139
[Back to original message]
|