Security Alert Message

New Member Joined: Mar 27, 2005 Posts: 18

Hello all,
I have been receiving this message when I try to click on any link on my website.

Quote:

Security Alert! The PHP CGI cannot be accessed directly.
This PHP CGI binary was compiled with force-cgi-redirect enabled. This means that a page will only be served up if the REDIRECT_STATUS CGI variable is set, e.g. via an Apache Action directive.

For more information as to why this behaviour exists, see the manual page for CGI security.

For more information about changing this behaviour or re-enabling this webserver, consult the installation file that came with this distribution, or visit the manual page.

They have pointed these 2 links :

http://in2.php.net/security.cgi-bin
http://in.php.net/install.windows

Anybody has any ideas on this? This error message appears on another php-nuke site hosted on the same server. So I guess it is a server config problem.

Thanks

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Found this in the manual user notes:

Quote:

If you install under Windows and continually get an error:

This PHP CGI binary was compiled with force-cgi-redirect enabled. This means that a page will only be served up if the REDIRECT_STATUS CGI variable is set, e.g. via an Apache Action directive.

First thing you need to do is change the line in php.ini so it is cgi.force_redirect = Off

Posted: Sun May 01, 2005 10:51 pm

Thanks for the quick reply, Raven.

But my site is hosted on a Linux server.
Kernel version is 2.4.21-27.0.2.ELsmp
Apache version is 1.3.33 (Unix)
PHP version is 4.3.2

Any leads on this would be very helpful.

Posted: Sun May 01, 2005 11:11 pm

The latest version of PHP is 4.3.11 - Please verify what version of PHP you have and that it is truly on a Linux box.

Please run phpinfo() and post back the value of
force-cgi-redirect

Posted: Mon May 02, 2005 12:07 am

Hi,
The versions I listed out had been from the info. in my cpanel. I am on a shared web host. The site had been running ok till last Friday. But this error came up last Saturday. I hadn't done any changes on my site.

How do I run the phpinfo() script ? I am sorry but I don't know much about it.

Posted: Mon May 02, 2005 6:05 am

Save this script to a file and ftp it to your site. Then point your browser to it. Example - If you saved it under a filename "info.php" then the url will be http://yoursite.com/info.php .

Code:

<?


phpinfo();


?>

Posted: Tue May 03, 2005 2:48 am

Thanks Raven...

My site's working now. I am now just waiting for my registration to expire so that I could shift my host. Grrr..........

Posted: Tue May 03, 2005 6:20 am

How did you fix it?