blog documentation FAQ followers forum marketplace services youtube

Recent htaccess -ExecCGI breaks installer on my server

The Jamroom Network » Forum » Jamroom Hosting » Page » Recent htaccess -ExecCGI breaks installer on my server
SteveX
SteveX
@ultrajam
11 years ago
2,584 posts
" -ExecCGI " in the htaccess breaks something with my server setup. I get 403 Forbidden for anything in the directory or below.

What does having this in the htaccess do?

Any ideas if there is anything I should change in my server config?

Thanks


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
updated by @ultrajam: 12/06/13 12:20:46PM
brian
@brian
11 years ago
10,148 posts
ExecCGI is there for security purposes - it prevents perl/CGI scripts from being run anywhere in the JR directory. So this helps as there are hacks that will find a backdoor into your filesystem, then upload perl (or other CGI scripts) into the filesystem and have those be run - this line in the .htaccess prevents it:

https://httpd.apache.org/docs/2.0/en/mod/core.html

Since this is an "Options" directive, your "AllowOverride" setting in your httpd.conf (or apache2.conf) needs to allow Options - the easiest way if you are in control of your system is just allow all core features to be overridden by entries in the .htaccess file - i.e. find your web root directory entry in the httpd.conf file and change it to:

AllowOverride All

Then restart your web server.

Let me know if that helps.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
SteveX
SteveX
@ultrajam
11 years ago
2,584 posts
I've got this in the directives but still the 403 after restarting apache
Quote: allow from all
AllowOverride All
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/jam/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/jam/fcgi-bin/php5.fcgi .php5

This is the original:
Quote:
Options -Indexes +IncludesNOEXEC +SymLinksifOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/demo/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/demo/fcgi-bin/php5.fcgi .php5



--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
brian
@brian
11 years ago
10,148 posts
The AllowOverride has to go in your main httpd.conf (or virtual hosting config) - it can't go in a .htaccess file (not sure if you're doing that here or not) - i.e. here's what mine is like on my mac:

<Directory "/Users/brian/Web">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>

So it has to be applied to your webroot.

Let me know if that helps - if it doesn't, you can remove the ExecCGI line from your .htaccess if you just want to get it working.

Hope this helps!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Tags