Question Perl on Debian

[Bod]

Server operating system version

Debian 12

Plesk version and microupdate number

Version 18.0.59 Update #2

I'm new to Plesk, having only installed Obsidian Version 18.0.59 yesterday on a Debian 12 VPS. We are moving from shared hosting, which we have outgrown.

Many of our web pages are dynamically generated with Perl. This does not just run in the cgi-bin but sits in many directories as the default file. However, we are having great difficulty executing these scripts. I've set up a staging area where we will move each site to before copying it to the final location and then moving the DNS. The first site to move is purely static and is now up and running. But as soon as I try to run a Perl script on the next site, I run into trouble.

I've put a very simple Perl script at /var/www/vhosts/example.com/httpdocs/index.pl

Using SSH I have checked that the script works properly outside of a web server environment - it does

But...when I access it in a browser, I see the Perl code. So I've put the following in the site's Apache HTTPS handler

<Directory /var/www/vhosts/example.com/httpdocs>
<Files ~ (\.pl$)>
SetHandler cgi-script
Options ExecCGI
allow from all
</Files>
</Directory>

I think this automagically goes into the vhost_ssl.conf file.
But this causes a 500 Error.

I've checked cgid is on in 'Apache Web Server Settings'

What else do I need to do to get Perl scripts to execute but still allowing HTML pages to display statically?
What should I check next?

 

[kpushkarev]

You can check if your config is applied by looking into /var/www/vhosts/system/example.conf/conf/vhost_ssl.conf.
Error 500 may be caused by incorrect access rights, check /var/log/apache2/suexec.log for any errors after accessing index.pl. The file to be executed must be owned by <your_domain_user>:psacln.
Also, there may be errors in /var/www/vhosts/system/example.com/logs/error_log.

 

[Bod]

You can check if your config is applied by looking into /var/www/vhosts/system/example.conf/conf/vhost_ssl.conf.
Error 500 may be caused by incorrect access rights, check /var/log/apache2/suexec.log for any errors after accessing index.pl. The file to be executed must be owned by <your_domain_user>:psacln.
Also, there may be errors in /var/www/vhosts/system/example.com/logs/error_log.

Thank you.

As you rightly suggested, the problem was caused by a permission error.

Is there somewhere I can put the Apache directive so it applies to all sites under /var/www/vhosts/ instead of having to add it to every domain?

 

[Bod]

I think I've solved it...by changing the default directive in /etc/apache2/apache2.conf to:

<Directory /var/www/>
    <Files ~ (\.pl$)>
        SetHandler cgi-script
        Options ExecCGI
        allow from all
    </Files>
    AddHandler cgi-script .pl
    Options ExecCGI Indexes FollowSymLinks SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted
</Directory>

 

[kpushkarev]

If you want to set it up for all domains, you can use configuration templates, namely the domainVirtualHost.php one.
Enabling CGI all over /var/www may be not secure. You should be 100% sure that a malicious user can't upload a file there.

Also, modifying /etc/apache2/apache2.conf is not optimal, because it may create a conflict on Apache upgrade. It's better to put your custom global config into /etc/apache2/conf-available and then enable it by a2enconf (a2disconf to disable).