Non-cgi files in "AllowCGI" directory

Posted on 2003-03-05
Medium Priority
Last Modified: 2010-03-04
My Apache 2.0 on RedHat 8.0 is trying to execute all my image files residing in a subdirectory of /eng which is ScriptAlias-ed. I tried adding

 <Directory /var/www/html/eng/html>
Options -ExecCGI

to no avail. I get "premature end of script headers" in my logs. It is essentual to keep the curent file structure, since it's going to be a lot of work to edit all the scripts to reflect such a change. How can I tell Apache not to execute files in surton subdirectories. If you need me to, I can give you more ditails about the current configuration and even post the httpd.conf file here.

Thanks in advance
Question by:blago
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 22

Accepted Solution

pjedmond earned 200 total points
ID: 8091548
OK - best bet is to think about the structure of your whole web site, and decide where you want executable cgi scripts and where you don't.

There are a number of global parameters within your http.conf file that effectively allow/disallow you to alter features for subdirectories.

One that you are interested is:

AllowOverride ExecCGI

needs to exist as a global directive in order to enable you to do what you want the way you have attempted.

Perhaps it would be easier to just enable your executable scripts in the one directory where they exist using the ExecCGI?

.......or use a special processing script:

<Directory /var/www/html/eng/html>
    <FilesMatch "\.(gif|jpg)$">
        SetHandler /cgi-bin/display-image.cgi

Hope that helps:)

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question