Running scripts outside of the CGI-bin

Posted on by Seemab Saleem

What does CGI mean?

CGI stands for Common Gateway Interface . This is a standard way for webhosting servers to interface executable scripts with end users.

Most of the hosts does not allow to execute those scripts outside the CGI-BIN folder.

Enabling this in a web-accessible directory is a little bit more insecure than limiting script execution to the cgi-bin, because if any malicious script is ever uploaded to your server, it will be more easily able to be executed.

CGI scripts are usually written in scripting language, but can be written in any programming language.

Enable server-wide execution

You can enable execution of cgi scripts at server level but this will make your server more vulnerable if you get hacked. To do this, uncomment the cgi-script AddHandler directive in the main Apache configuration file /etc/httpd/conf/httpd.conf.

Connect to your server as root or a sudo user via SSH.
Open the httpd.conf file for editing:

nano /etc/httpd/conf/httpd.conf

Find this line into httpd.conf file

#AddHandler cgi-script .cgi

Remove the # so that it looks like this:
Filename: httpd.conf

AddHandler cgi-script .cgi

Restart Apache with the following command:

/etc/rc.d/init.d/httpd restart

That’s it. You should now be able to execute cgi scripts anywhere on the server.

Enable user end execution

Here you can add some extra lines on the .htaccess file to overwrite the main configuration, if it’s disabled. You can easily do this from the cPanel.

Create a .htaccess file under the home directory or the public folder.

Step 1 : Log into cPanel.

Step 2 : Create a .htaccess file under the home directory. If you prefer shell, you can use nano command.

nano .htaccess

Step 3 : Add the following code into your .htaccess file.

AddHandler cgi-script .cgi .pl
Options +ExecCGI

That’s it!! Now if you try to execute the code from your browser. It’ll work!!

vhost.conf

You can also edit your vhost.conf file to allow execution of cgi scripts on a domain basis. This allow the execution of cgi scripts in the httpdocs directory for a particular domain.

Login to your server as root or a sudo user via SSH.

Create or edit your vhost.conf file:

nano /var/www/example.com/conf/vhost.conf/

Add the following lines to the vhost.conf file and save your changes:

<Directory /var/www/vhosts/example.com/httpdocs>
<Files ~ (\.cgi$)>
SetHandler cgi-script
Options ExecCGI
allow from all
</Files>
</Directory>

Run the following command to reload your Apache configuration files:

/usr/local/psa/admin/sbin/httpdmng --reconfigure-all

That’s it. You should now be able to execute cgi scripts from your browser for specific domain.