Why CGI execution is vulnarable for shared hostings

CGi scripts work directly with Operating system with help of web server, so that they are so much vulnarable for a shared hosting dedicated server that allows execution of cgi scripts with thousents of accounts hosted on it that even one of them may try to run a vulnarable cgi script to break down the server.

So it is a good idea to completely disable running cgi scripts that normaly it is not comon for people to have them run on their websites.in this tutorial I will show you how you can disable CGI on WHM/Cpanel that is the best hosting automation panel that most of the hosting providers are using worl wide

How to Disable CGI Execution

there are to parts you should do to prevent cgi from running

login to WHM

then go to

Main >> Service Configuration >> Apache Configuration >> Global Configuration

in Global configuration just scroll down a bit and you should see

Directory ‘/’ Options

that has some options enabled

just make sure to disable

finally click on save

so lets do the part two job to disable cgi execution

go here

Main >> Server Configuration >> Basic cPanel/WHM Setup

then scroll down to see this

CGI Script Alias * Automatically create a cgi-bin script alias. This setting can be individually overridden during account creation.

that is by default assign y infront of if

you should type n in the front box of it

so you are now done and you have completely disabled cgi execution on your server

Thanks

No related posts.