Security Alert! The PHP CGI cannot be accessed directly.

 
Post new topic   Reply to topic    Aprelium Forum Index -> PHP
View previous topic :: View next topic  
Author Message
Guest
Guest





PostPosted: Thu Nov 21, 2002 3:51 am    Post subject: Security Alert! The PHP CGI cannot be accessed directly. Reply with quote

I got this error

Security Alert! The PHP CGI cannot be accessed directly.
This PHP CGI binary was compiled with force-cgi-redirect enabled. This means that a page will only be served up if the REDIRECT_STATUS CGI variable is set, e.g. via an Apache Action directive.

For more information as to why this behaviour exists, see the manual page for CGI security.

For more information about changing this behaviour or re-enabling this webserver, consult the installation file that came with this distribution, or visit the manual page.
Back to top
aprelium
-


Joined: 22 Mar 2002
Posts: 6800

PostPosted: Thu Nov 21, 2002 11:24 pm    Post subject: Re: Security Alert! The PHP CGI cannot be accessed directly. Reply with quote

Please read http://www.aprelium.com/abyssws/faq.html#A2-2 or follow our PHP installation instructions at http://www.aprelium.com/abyssws/php.html .
_________________
Support Team
Aprelium - http://www.aprelium.com
Back to top View user's profile Send private message Send e-mail
adrian
Guest





PostPosted: Sun Jan 12, 2003 1:14 am    Post subject: same security error Reply with quote

I have the same security error with force-redirect. I have the REDIRECT_STATUS environment variable set to 200 in the CGI parameters but this does not cure the problem. The only way I can run is to set cgi.force_redirect to 0 in php.ini. Is this a security issue, what would I set doc_root to to plug any security holes, or is there something else I should be doing?
Back to top
aprelium
-


Joined: 22 Mar 2002
Posts: 6800

PostPosted: Sun Jan 12, 2003 1:53 am    Post subject: Re: same security error Reply with quote

adrian wrote:
I have the same security error with force-redirect. I have the REDIRECT_STATUS environment variable set to 200 in the CGI parameters but this does not cure the problem. The only way I can run is to set cgi.force_redirect to 0 in php.ini. Is this a security issue, what would I set doc_root to to plug any security holes, or is there something else I should be doing?

The security issue PHP people are talking about concerns only Apache. It doesn't affect Abyss Web Server. So don't worry, it is safe to set cgi.force_redirect to 0 in php.ini.
_________________
Support Team
Aprelium - http://www.aprelium.com
Back to top View user's profile Send private message Send e-mail
Adrian
Guest





PostPosted: Sun Jan 12, 2003 6:13 pm    Post subject: Reply with quote

Thanks for putting my mind at rest
Back to top
gary
Guest





PostPosted: Mon Jan 13, 2003 12:50 am    Post subject: err run php script shown "Undefined variable"... Reply with quote

im using winME,PHP4.30, wuts wrong?i only know php not need 2predefine variable.

-----------------------------
Notice: Undefined variable: get in C:\Abyss Web Server\htdocs\download\download.php on line 26

Notice: Undefined variable: get in C:\Abyss Web Server\htdocs\download\download.php on line 72


That file [.zip] is not available for download.

Notice: Undefined variable: SERVER_NAME in C:\Abyss Web Server\htdocs\download\download.php on line 73
-------------------------------
how 2config my php.ini 2run normal dun shown the undefined variable again.
Back to top
aprelium
-


Joined: 22 Mar 2002
Posts: 6800

PostPosted: Mon Jan 13, 2003 11:44 pm    Post subject: Re: err run php script shown "Undefined variable". Reply with quote

gary wrote:
how 2config my php.ini 2run normal dun shown the undefined variable again.

Please do a search on "undefined variable" in the forum. This question have been asked at least 20 times before.
_________________
Support Team
Aprelium - http://www.aprelium.com
Back to top View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> PHP All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group