How to Enable Additional CGI Scripts
Last modified: September 28, 2020
- This document describes an unsupported workaround that we do not guarantee will work in the future.
- This workaround does not work on systems that run EasyApache 4. Use the Global Configuration section of WHM’s Apache Configuration interface (WHM » Home » Service Configuration » Apache Configuration) instead and select the following options in the Directory “/” Options section:
- ExecCGI
- FollowSymLinks
- Includes
- IncludesNOEXEC
- Indexes
- SymLinksIfOwnerMatch
- For security reasons, we strongly recommend that you do not use CGI scripts in directories other than the cgi-bin directory.
- Only perform the steps that this document describes if all other available solutions fail.
- We strongly encourage you to back up your server before you perform this action.
Overview
Apache version 2.2 allows you to use CGI scripts in directories other than the cgi-bin directory. To prevent the use of CGI scripts in directories other than the cgi-bin, you must disable the ability of individual .htaccess files to override the server settings.
Apache version 2.4 prevents the use of CGI scripts in directories other than the cgi-bin directory. To use CGI scripts in other directories, you must enable the ability of individual .htaccess files to override the server settings.
Change the CGI script availability
Read the below sections for directions about how to prevent the use of CGI scripts, or restore the default settings.
Apache version 2.2
Disable CGI though .htaccess
To disable CGI through .htaccess, perform the following steps:
-
Log in to your server as the
rootuser via SSH. -
Change to the
/usr/local/apache/conf/directory. -
Create a backup of your
httpd.conffile. For example:cp httpd.conf httpd-old.confNote:In this example,http-old.confrepresents the backup file’s name. -
Open your
http.conffile with a text editor and locate the section of the file that resembles the following example:1 2 3 4<Directory "/"> Options +ExecCGI +FollowSymLinks +Includes +IncludesNOEXEC +Indexes -MultiViews +SymLinksIfOwnerMatch AllowOverride All </Directory> -
Change the
AllowOverrideline’s value fromAlltoNone. -
Run the distiller to update the settings. To do this, run the following command:
/usr/local/cpanel/bin/apache_conf_distiller –update
Your server now only allows CGI scripts to run in the cgi-bin directories.
Apache version 2.4
Enable CGI through .htaccess
To enable CGI through .htaccess, perform the following steps:
-
Log in to your server as the
rootuser via SSH. -
Change to the
/usr/local/apache/conf/directory. -
Create a backup of your
httpd.conffile. For example:cp httpd.conf httpd-old.confNote:In this example,http-old.confrepresents the backup file’s name. -
Open your
http.conffile with a text editor and locate the section of the file that resembles the following example:1 2 3 4<Directory "/"> Options +ExecCGI +FollowSymLinks +Includes +IncludesNOEXEC +Indexes -MultiViews +SymLinksIfOwnerMatch AllowOverride None </Directory> -
Change the
AllowOverrideline’s value fromNonetoAll. -
Run the distiller to update the settings. To do this, run the following command:
/usr/local/cpanel/bin/apache_conf_distiller –update
Your server now allows CGI scripts to run in all directories.
Restore the .htaccess file original setting
To restore the .htaccess files to their original setting, perform the following steps:
-
Log in to your server via SSH as the
rootuser. -
Change to the
/usr/local/apache/conf/directory. -
Restore the original
httpd.conffile. To do this, run the following command:1 2rm httpd.conf mv httpd-old.conf httpd.confRemember:In this example,http-old.confrepresents the backup file’s name. -
Run the distiller to update the settings. To do this, run the following command.
/usr/local/cpanel/bin/apache_conf_distiller –update
You have restored the .htaccess files to their default setting.