473,394 Members | 1,813 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > php5 as a cgi

Join Bytes to post your question to a community of 473,394 software developers and data experts.

PHP5 as a CGI

(In Apache2)

I have this setup and using the new CGI daemon interface... no probs.
However the binary is accessible via the browser. I suppose I wouldn't even
make this an issue but I get this when accessing the binary:
Warning: Unexpected character in input: '' (ASCII=16) state=1 in
/usr/local/bin/php on line 4777
Parse error: parse error, unexpected T_STRING in /usr/local/bin/php on line
4777

So I'm wondering if there is a more secure way to install the binary? or
perhaps I'm doing something wrong. Here is my relevant apache config
directives:
ScriptAlias /php/ /usr/daemon/httpd/php/
AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps

Action application/x-httpd-php "/php/php"
I compiled the cgi binary "without_redirect", ""without_discard",
"without_fastcgi", "without_pathinfo".
Jul 17 '05 #1
2 1820
Jupiter's Song wrote:
(In Apache2)

I have this setup and using the new CGI daemon interface... no probs.
However the binary is accessible via the browser. I suppose I wouldn't even
make this an issue but I get this when accessing the binary:
Warning: Unexpected character in input: '' (ASCII=16) state=1 in
/usr/local/bin/php on line 4777
Parse error: parse error, unexpected T_STRING in /usr/local/bin/php on line
4777

So I'm wondering if there is a more secure way to install the binary? or
perhaps I'm doing something wrong. Here is my relevant apache config
directives:
ScriptAlias /php/ /usr/daemon/httpd/php/
AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps

Action application/x-httpd-php "/php/php"
I compiled the cgi binary "without_redirect", ""without_discard",
"without_fastcgi", "without_pathinfo".


I've had bad experiences with running PHP5 as a CGI app on Apache2. I
don't recommend it. Additionally, I've been told that there are major
security concerns about this. Check out
http://www.php.net/manual/en/security.cgi-bin.php Supposedly, they have
also been documented at www.phrack.org

I recommend installing it as a module.
http://www.php.net/manual/en/install.unix.apache2.php

I remember that it took me a while to get it working properly (I'm not
yet an Apache guru) but I don't remember what my problem(s) were either.

Good luck!

--TekWiz
Jul 17 '05 #2
"TekWiz" <te****@twarlick.net> wrote in message
news:d1**********@aunews.duc.auburn.edu...
Jupiter's Song wrote:
(In Apache2)

I have this setup and using the new CGI daemon interface... no probs.
However the binary is accessible via the browser. I suppose I wouldn't
even make this an issue but I get this when accessing the binary:
Warning: Unexpected character in input: '' (ASCII=16) state=1 in
/usr/local/bin/php on line 4777
Parse error: parse error, unexpected T_STRING in /usr/local/bin/php on
line 4777

So I'm wondering if there is a more secure way to install the binary? or
perhaps I'm doing something wrong. Here is my relevant apache config
directives:
ScriptAlias /php/ /usr/daemon/httpd/php/
AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps

Action application/x-httpd-php "/php/php"
I compiled the cgi binary "without_redirect", ""without_discard",
"without_fastcgi", "without_pathinfo".


I've had bad experiences with running PHP5 as a CGI app on Apache2. I
don't recommend it. Additionally, I've been told that there are major
security concerns about this. Check out
http://www.php.net/manual/en/security.cgi-bin.php Supposedly, they have
also been documented at www.phrack.org

I recommend installing it as a module.
http://www.php.net/manual/en/install.unix.apache2.php

I remember that it took me a while to get it working properly (I'm not yet
an Apache guru) but I don't remember what my problem(s) were either.

Good luck!

--TekWiz

Well my install was working great; 'cept for the binary being accessible via
the browser and outputting a nasty php error (I think it's because I
compiled it without the "force redirect" option.)

Also I am not aware of any current exploits (excluding poor server side
programming which is a problem for any of the installs).

ty
Jul 17 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
Upgrade to PHP5 (beta)
by: Christoph Nothdurfter | last post by:
Hallo! I was wondering if my PHP4-Scripts will run under PHP5 (Haeven't tried the beta yet). Does anybody know? Thank you, -Christoph
PHP
8
Speed of PHP5, making PHP faster in general
by: Rob Ristroph | last post by:
I have tried out PHP 5 for the first time (with assistance from this group -- thanks!). The people I was working with have a site that uses lots of php objects. They are having problems with...
PHP
5
PHP4 *and* PHP5
by: Tim Tyler | last post by:
I'm sure this is a FAQ - but I could not find a coherent statement of the answer: Some of my clients want PHP4. Other ones want PHP5. Can I run both PHP4 and PHP5 under the same instance of...
PHP
11
PHP5 - Installation Error - 400 Bad Request
by: neur0maniak | last post by:
Hi, I've been eager to try out PHP5, so I've dumped it on my little dev machine. It's running WinXP with IIS5. I've put the php-cgi.exe in the "mappings" page as I'm used to doing with PHP4....
PHP
4
PHP5 XSL issue WinXP/Apache2
by: badbetty | last post by:
Dear Googlers I have installed PHP5 to run on WinXP against Apache 2. It works! ie. I have tested a few simple scripts and a basic xml document parse. I now want to try the XSL extension so I...
PHP
5
PHP5 considered Beta
by: Aziz | last post by:
Hi, I've recently contacted technical service of a web hosting company and asked them wheter or not they're gonna upgrade to PHP5 and MySQL5. Here's a quote from their response which confused me...
PHP
4
Php5 with support for https and ftps
by: Chuck Anderson | last post by:
I am trying to install Php5 on my WindowsXP machine (at home, not on the 'net). I downloaded the Php Windows binary at php.net, unzipped it to c:/Php5, changed my Apache config file to use Php5...
PHP
19
.php5 versus .php
by: McKirahan | last post by:
I am working in two environments neither configuration of which I can change; one's my Web host the other a client. My Web host requires the use of the ".php5" extension to use PHP v5.1.4; where...
PHP
3
A small problem in running PHP4 under PHP5 - $row[fieldname]
by: xhe | last post by:
I have just upgraded my php version form php4 to php5. and I met this problem, and don't know if you know the solution. My site was written in PHP4, and most parts can be running smoothly in PHP5,...
PHP
8
__contruct in php4 not same behavior as php5
by: FFMG | last post by:
Hi, I am slowly moving my code to php5. But I would like to make it backward compatible in case something bad happens, (and to make sure I understand what the changes are). The way the...
PHP
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!