Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
litespeed_wiki:config:disable-cgi [2016/02/09 15:51] Jackson Zhang |
litespeed_wiki:config:disable-cgi [2020/10/13 20:26] (current) Lisa Clarke |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== How to disable CGI scripts ===== | + | ====== How to Disable CGI Scripts ====== |
- | To disable CGI scripts such as .cgi .pl etc, You need to turn off CGI with Apache configuration like | + | To disable CGI scripts such as ''%%.cgi%%'', ''%%.pl%%'', etc, You need to turn off CGI within the Apache configuration, like so: |
- | Options -ExecCGI | + | |
- | For control panel users, you may need to modify related template to make the change permanent. | + | <code> |
- | For example, for Direct Admin, to apply it server wide, you can do it in **/etc/httpd/conf/extra/httpd-directories.conf**. | + | Options -ExecCGI |
- | Also, you need to disable user from override "ExecCGI" option, with our DisableCgiOverride option. | + | </code> |
+ | For control panel users, you may need to modify the related template to make the change permanent. | ||
- | <IfModule LiteSpeed> | + | You must also prevent users from overriding the **ExecCGI** option. Do so with the **DisableCgiOverride** option by adding the following to ''%%/etc/apache2/conf.d/includes/pre_main_global.conf%%'': |
- | DisableCgiOverride On | + | |
- | </IfModule> | + | |
- | http://blog.litespeedtech.com/2013/03/15/closing-the-loopholes-disable-cgi-override/ | + | <code> |
+ | <IfModule LiteSpeed> | ||
+ | DisableCgiOverride On | ||
+ | </IfModule> | ||
+ | |||
+ | </code> | ||
+ | When **DisableCgiOverride** is ''%%ON%%'', it will impossible to add new CGI scripts through ''%%.htaccess%%''. If you need to add a new CGI script handler, you have to do it in the virtual host config file, like this: | ||
+ | |||
+ | <code> | ||
+ | Options -Indexes +ExecCGI | ||
+ | AddHandler cgi-script .pl | ||
+ | |||
+ | </code> | ||
+ | For more information, please read [[http://blog.litespeedtech.com/2013/03/15/closing-the-loopholes-disable-cgi-override/|Closing the Loopholes]]. | ||