B
Brian Clarke
Guest
Hi Guys..
I am moving domains from a dedicated server which runs windows to a new server running linux with a plesk control panel version 9.2.2.
On the old server I have hosts that call php files in the cgi-bin (always been advised to put sensitive files in a cgi-bin preferably not in the web site folder). This is how plesk would have it anyway and it defaults to a cgi-bin above the httpdocs folder.
So when I move the sites, any call to cgi-bin is directed to <domain>/cgi-bin not <domain>/httpdocs/cgi-bin as it was on the windows server.
I have made a copy of domain/conf/httpd.include file and note
</IfModule>
ScriptAlias /cgi-bin/ /var/www/vhosts/balloonavailability.co.uk/cgi-bin/ Alias /plesk-stat /var/www/vhosts/balloonavailability.co.uk/statistics/
<Location /plesk-stat/>
Options +Indexes
</Location>
It appears that this file sends all my cgi-bin/XXXX.php calls to the <domain>/cgi-bin folder.
This would be ok, however when a script is placed in this folder it will not execute, it just asks the user do you want to download this file?
(I have checked folder permissions 750, but file permissions are 644 (no execute) and I am unable to change them)
I don’t mind that the plesk system demands that I put scripts in the cgi-bin folder, but if it does it must allow them to execute.
It would be better if the system allowed me to have a cgi-bin folder under httpdocs, i.e. <domain>/httpdocs/cgi-bin/etc...
This cannot just be a problem for me surely, with all systems deployed this must have come up before?
I can run php scripts anywhere in the httpdocs folder as long as they are not refered to as in a cgi-bin folder, but some sites have been developed calling the cgi-bin and these sites now fail.
Notes from a other searches....
//*****
Tips and Suggestions
CGI-BIN:
On our server CGI scripts can be executed in all directories! The main complaint that users of the PLESK system have always had is that the cgi-bin directory is outside of the main Web directory (httpdocs). Most other system have the cgi-bin folder inside the main folder, and many standard CGI scripts do therefore not work without changing paths in/to these scripts. This can be tiresome. We therefore enabled the server to execute CGI scripts anywhere, in any directory (you still have to set the permissions right, of course ... chmod 755, and so forth). In other words, you can, if you like, create a CGI-BIN folder within the httpdocs folder to store your cgi scripts there. Perl scripts (.pl), on the other hand, can only be executed in the original CGI-BIN folder.
One more point: PSA utilizes Suexec as a CGI wrapper for security. The Suexec wrapper prevents the CGI script from having permissions set over 755. Scripts should run fine with 755 permissions.
Pre-installed Scripts
To do this you have to modify the httpd.conf file - there will be a section in this file that's commented out -
# AddHandler allows you to map certain file extensions to "handlers",
# actions unrelated to filetype. These can be either built into the server
# or added with the Action command (see below)
#
# If you want to use server side includes, or CGI outside
# ScriptAliased directories, uncomment the following lines.
#
# To use CGI scripts:
#
# AddHandler cgi-script .cgi
remove the "#" in front of the last line, save the file, restart apache.
//*****
O.K. My file is not called httpd.conf its called httpd.include, also it does not refer to AddHandler.
Taking out the lines..
ScriptAlias /cgi-bin/ /var/www/vhosts/balloonavailability.co.uk/cgi-bin/
(its refered to twice once for port 80 and the other for the secure port.
This has no effect after restarting the server.
Plesk offer free support for the first month from installation, but advise me that as the panel was supplied by a reseller I have to apply to them and they appear to be struggling with this or are just overloaded and have not resolved it after two days.
Anyone there that knows what I am talking about? Have you had a similar problem? have you resolved it, or do you have a work around?
Help would be greatly appreciated.
regards
Brian
Computaphile
I am moving domains from a dedicated server which runs windows to a new server running linux with a plesk control panel version 9.2.2.
On the old server I have hosts that call php files in the cgi-bin (always been advised to put sensitive files in a cgi-bin preferably not in the web site folder). This is how plesk would have it anyway and it defaults to a cgi-bin above the httpdocs folder.
So when I move the sites, any call to cgi-bin is directed to <domain>/cgi-bin not <domain>/httpdocs/cgi-bin as it was on the windows server.
I have made a copy of domain/conf/httpd.include file and note
</IfModule>
ScriptAlias /cgi-bin/ /var/www/vhosts/balloonavailability.co.uk/cgi-bin/ Alias /plesk-stat /var/www/vhosts/balloonavailability.co.uk/statistics/
<Location /plesk-stat/>
Options +Indexes
</Location>
It appears that this file sends all my cgi-bin/XXXX.php calls to the <domain>/cgi-bin folder.
This would be ok, however when a script is placed in this folder it will not execute, it just asks the user do you want to download this file?
(I have checked folder permissions 750, but file permissions are 644 (no execute) and I am unable to change them)
I don’t mind that the plesk system demands that I put scripts in the cgi-bin folder, but if it does it must allow them to execute.
It would be better if the system allowed me to have a cgi-bin folder under httpdocs, i.e. <domain>/httpdocs/cgi-bin/etc...
This cannot just be a problem for me surely, with all systems deployed this must have come up before?
I can run php scripts anywhere in the httpdocs folder as long as they are not refered to as in a cgi-bin folder, but some sites have been developed calling the cgi-bin and these sites now fail.
Notes from a other searches....
//*****
Tips and Suggestions
CGI-BIN:
On our server CGI scripts can be executed in all directories! The main complaint that users of the PLESK system have always had is that the cgi-bin directory is outside of the main Web directory (httpdocs). Most other system have the cgi-bin folder inside the main folder, and many standard CGI scripts do therefore not work without changing paths in/to these scripts. This can be tiresome. We therefore enabled the server to execute CGI scripts anywhere, in any directory (you still have to set the permissions right, of course ... chmod 755, and so forth). In other words, you can, if you like, create a CGI-BIN folder within the httpdocs folder to store your cgi scripts there. Perl scripts (.pl), on the other hand, can only be executed in the original CGI-BIN folder.
One more point: PSA utilizes Suexec as a CGI wrapper for security. The Suexec wrapper prevents the CGI script from having permissions set over 755. Scripts should run fine with 755 permissions.
Pre-installed Scripts
To do this you have to modify the httpd.conf file - there will be a section in this file that's commented out -
# AddHandler allows you to map certain file extensions to "handlers",
# actions unrelated to filetype. These can be either built into the server
# or added with the Action command (see below)
#
# If you want to use server side includes, or CGI outside
# ScriptAliased directories, uncomment the following lines.
#
# To use CGI scripts:
#
# AddHandler cgi-script .cgi
remove the "#" in front of the last line, save the file, restart apache.
//*****
O.K. My file is not called httpd.conf its called httpd.include, also it does not refer to AddHandler.
Taking out the lines..
ScriptAlias /cgi-bin/ /var/www/vhosts/balloonavailability.co.uk/cgi-bin/
(its refered to twice once for port 80 and the other for the secure port.
This has no effect after restarting the server.
Plesk offer free support for the first month from installation, but advise me that as the panel was supplied by a reseller I have to apply to them and they appear to be struggling with this or are just overloaded and have not resolved it after two days.
Anyone there that knows what I am talking about? Have you had a similar problem? have you resolved it, or do you have a work around?
Help would be greatly appreciated.
regards
Brian
Computaphile