Is it safe to enable "CGI Access" for cPanels?

postcd

• October 17, 2016 14:13

Hello, when reselling cpanel hosting publicly is it safe/secure to enable "CGI Access" by default for all new cpanel accounts?

• 

  ItsMattSon

  • October 18, 2016 06:13

  Subscribing to thread - Would like to know this as well. Additionally, does anyone know if CGI can be disabled? Is it needed at all?

  0
• 

  cPanelMichael

  • October 24, 2016 17:34

  Hello, For security reasons, we strongly recommend that you do not use CGI scripts in directories other than the cgi-bin directory. Information about enabling or disabling CGI scripts is documented at: How to Enable Additional CGI Scripts - cPanel Knowledge Base - cPanel Documentation Ensure to review the "Warning" section for information about EasyApache 4. Let us know if you have any additional questions. Thanks!

  0
• 

  ItsMattSon

  • November 01, 2016 09:31

  Hmm. i tried "enabling" CGI with the EasyApache 4 Option ExecCGI (checked the box) but my Hello World (.pl or .cgi) perl script doesn't execute in web root or /public_html/cgi-bin/ so I'm a bit lost on this one. It just shows up as plain text in the browser. Any ideas?

  0
• 

  cPanelMichael

  • November 01, 2016 14:27

  Could you browse to "WHM >> Account Functions >> Modify an Account", choose the account you are testing with, and check to see if "CGI" is enabled under the "Privileges" section? Thank you.

  0
• 

  ItsMattSon

  • November 02, 2016 00:26

  Fantastic! I totally missed that (it was not enabled in the package). Good to know there is a way to toggle CGI privilege. I'm all sorted on this thread. Thanks Michael :)

  0
• 

  cPanelMichael

  • November 02, 2016 13:53

  I'm happy to see that information was helpful! Thanks for updating us with the outcome.

  0

Please sign in to leave a comment.