• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

vhost_ssl.conf alias / cgi problem

P

peterbrown

Guest
Hi Folks,

I'm working with Plesk and have run across a peculiar problem. I've set up a system of aliases in the vhost_ssl.conf file, that point from a subdirectory in each shared server's account to an alias in my primary account, for the purpose of sharing my SSL certificate. For example,

.../vhost/domain.com/secure

is aliased to /secure/domain.com

so that a browser can point to

https://mydomain.com/secure/domain.com

The alias part works fine, but I'm unable to execute a .cgi script. Note that in both my main account and the user account, I have .htaccess files setting up the .cgi files, which work fine when called directly. CGI files also work fine when called with https in my primary directory.

It seems to be a weird alias / cgi problem. It's quite urgent, since I have scripts that need to run under SSL, in my customer's aliased directories.

Any geniuses out there? :)

Thanks!

Peter Brown
 
This does not work due to suexec (you can check /var/log/httpd/suexec_log). Your only option is to disable suexec.
 
Thanks for your quick response!

When I got a senior guy on the line at my hosting company (Web Intellects), we explored the suexec issue.

Just before I was going to go with that option, he came up with another solution.

I had put a Directory section in my main vhosts_ssl file, but he told me that I had to also put that same Directory paragraph in the user's vhosts_ssl file.

The Directory text was:

<Directory /virtual/home/>
AllowOverride All
AddHandler cgi-script .pl .cgi
Options +Includes +ExecCGI +FollowSymLinks
</Directory>

(/virtual/home is an alias for the plesk vhosts directory)

When I did that, it all worked like a charm!

(There were subsequent file ownership issues, because of suexec, but they were minor.)

Thanks again!

Peter
 
Hi Folks,

Here's an addendum to the above:

The files in the secondary directory, (the account that's sharing the SSL cert), under suexec, need to be owned by the primary account that runs the SSL cert.

That is - the .cgi and .pl files need be owned by the primary owner.

Also, the directory itself that contains the .cgi files needs to be owned by the primary user.

Just a note for anyone who's trying to do the same thing :).

Peter
 
The problem with this approach is that one user can read the other user's files :) But with suexec there are no many options, unless you want to disable it totally.
 
You must log in or register to reply here.

Similar threads

S
Resolved Cannot log in with WP Toolkit, pathing problem
Replies
6
Views
3K
Peter Debik
P
marvin
Issue IMAP requires security certificate? Maybe?
2 3
Replies
40
Views
4K
Peter Debik
P
Oscar Segura
Issue Upgrading from Ubuntu 20.04 to 22.04: failed reboot
Replies
0
Views
1K
Oscar Segura
Oscar Segura
T
Issue SMTPD No Auth from IP Issue
Replies
2
Views
1K
Tessxr
T
Kulturmensch
Question resolv.conf problems with Ubuntu 22.04 LTS
Replies
11
Views
11K
tramvainqueur
tramvainqueur
Back
Top