disable CGI


i cand find DisableCgiOverride
"DisableCgiOverride On" in Apache Style Configurations (Admin Console -> Configurations -> Server -> General).

i have add

<IfModule litespeed>
DisableCgiOverride On
to httpd.conf file
but perl script is working yet

<Directory "/">
Options -ExecCGI -FollowSymLinks -Includes IncludesNOEXEC Indexes -MultiViews SymLinksIfOwnerMatch
AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,Includes,MultiViews,SymLinksIfOwnerMatch,FollowSymLinks

perl script work with

and they add this for .httacess
Options FollowSymLinks MultiViews Indexes ExecCGI

AddType application/x-httpd-cgi .back

AddHandler cgi-script .tttt
AddHandler cgi-script .tttt

how i can disable it


not clear about your environment.
and they add this for .httacess
what's the relationship between "they" and you.

just for an suggestion: you can set /usr/bin/perl 's permission to disable the ability of user running perl cgi script.
they are a hacker, if they run cgi and can break server security
by change chmod perl alo they can upload new perl file
and they change line 1 of perl script to new perl file
like this


now a bit more clear about your environment.

one more question: is this account belonging to this hacker ? so he can edit .htaccess file. yes, if someone can edit .htaccess, it's very difficult to prevent him to do anything bad further.