How does the Apache server enable CGI execution?

CGI (Common Gateway Interface) defines how web servers interact with external content generation programs, which are often called CGI programs or CGI scripts. It's a simple way to put dynamic content on your website using the programming language you're most familiar with.

Configure Apache to allow CGI

In order for CGI programs to work properly , Apache needs to be configured to allow CGI execution. There are several ways to do this.

Method 1: ScriptAlias ​​directive (Recommended learning: Apache server)

The ScriptAlias ​​directive tells Apache to set aside a specific Table of contents. Apache will assume that every file in this directory is a CGI program and attempt to execute it when a client requests that specific resource.

The ScriptAlias ​​directive looks like this:

ScriptAlias "/cgi-bin/" "/usr/local/apache2/cgi-bin/"

The example shown can be found in the default httpd.conf configuration file if Apache is installed in the default location.

The ScriptAlias ​​directive is much like the Alias ​​directive in that it defines a URL prefix that maps to a specific directory. Alias ​​and ScriptAlias ​​are usually used in directories outside the DocumentRoot directory.

The difference between Alias ​​and ScriptAlias ​​is that ScriptAlias ​​has the additional meaning that everything under that URL prefix will be treated as a CGI program.

So the above example tells Apache that any request for a resource starting with /cgi-bin/ should be served in the directory /usr/local/apache2/cgi-bin/ and should be treated as CGI program.

For example, if the URL http://www.example.com/cgi-bin/test.pl is requested, Apache will try to execute the file /usr/local/apache2/cgi-bin/test.pl and return output. Of course, the file must exist, be executable, and return output in a specific way, otherwise Apache will return an error message.

Method 2: CGI outside the ScriptAlias ​​directory

For security reasons, CGI programs are usually limited to the ScriptAlias ​​directory. This way, administrators can tightly control who is allowed to use CGI programs. However, if proper security precautions are taken, there is no reason why CGI programs cannot be run from arbitrary directories.

For example, you might want to use the UserDir directive to let users have web content in their home directory. If they want to have their own CGI program but don't have access to the main cgi-bin directory, they need to be able to run the CGI program somewhere else.

There are two steps to allow CGI execution in any directory. First, the cgi-script handler must be activated using the AddHandler or SetHandler directive. Second, ExecCGI must be specified in the Options directive.

Method 3: Use Options to allow CGI execution

You can explicitly use the Options directive in the main server configuration file to specify that CGI execution is allowed in a specific directory. :

<Directory "/usr/local/apache2/htdocs/somedir">
    Options +ExecCGI
</Directory>

The above directive tells Apache to allow execution of CGI files. You also need to tell the server which files are CGI files. The following AddHandler directive tells the server to treat all files with a cgi or pl extension as CGI programs:

AddHandler cgi-script .cgi .pl

Method 4: User directory

To allow in user directories To execute a CGI program on any file ending with .cgi, you can use the following configuration.

<Directory "/home/*/public_html">
    Options +ExecCGI
    AddHandler cgi-script .cgi
</Directory>

If you wish to specify the cgi-bin subdirectory of your user directory where everything will be treated as a CGI program, you can use the following command.

<Directory "/home/*/public_html/cgi-bin">
    Options ExecCGI
    SetHandler cgi-script
</Directory>

The above is the detailed content of How does the Apache server enable CGI execution?. For more information, please follow other related articles on the PHP Chinese website!