Options -ExecCGI

  • johannes2024

    (@johannes2024)


    1 year, 4 months ago

    Hi,

    the Options -ExecCGI in the .htaccess has a negative side effect

    As side effect the apache directive
    AllowOverride All
    or (more detailed)
    AllowOverride AuthConfig Indexes Limit Options=Indexes,……,ExecCGI Fileinfo=RewriteEngine,……
    needs enabled

    The Admin needs enable on all vhosts ExecCGI Override with all the security risk (Attacker can create a .htaccess with Options +ExecCGI) only to allow the -ExecCGI in the .htaccess

    Unfortunately there is no apache directive AllowOverride …… Options=-ExecCGI only
    There is a option Nonfatal=All but this has another security side effect.

    I don’t know a <IfOption ExecCGI> like <IfModule mod_bla> or any other way to pre check the option allowed or make the option non fatal.


The topic ‘Options -ExecCGI’ is closed to new replies.

Tags