Posted to users@httpd.apache.org by "Newman, Stuart J. (GSFC-444.0)[HONEYWELL TECHNOLOGY SOLUTIONS INC]" <st...@nasa.gov> on 2013/04/03 13:03:42 UTC

[users@httpd] file extensions for CGI

I am using RedHat 6.4 with Apache 2.2.15.  I send a wget request to the server for /cobbler/pub/foo.to.  The server returns a 403 status.

The access_log entry is:

129.165.8.75 - - [02/Apr/2013:11:46:44 +0000] "GET /cobbler/pub/foo.to HTTP/1.0" 403 220 "-" "Wget/1.10.2 (Red Hat modified)"

The error_log entry is:

[Tue Apr 02 11:46:44 2013] [error] [client 129.165.8.75] Options ExecCGI is off in this directory: /var/www/cobbler/pub/foo.to

The modsec_audit.log is the most complete:

--cae3ab09-A--
[02/Apr/2013:11:48:47 +0000] UVrFn4GlCCkAAFj@O8UAAAAD 129.165.8.75 46737 129.165.8.41 80
--cae3ab09-B--
GET /cobbler/pub/foo.to HTTP/1.0
User-Agent: Wget/1.10.2 (Red Hat modified)
Accept: */*
Host: cobbler
Connection: Keep-Alive

--cae3ab09-F--
HTTP/1.1 403 Forbidden
Content-Length: 220
Connection: close
Content-Type: text/html; charset=iso-8859-1

--cae3ab09-E--

--cae3ab09-H--
Apache-Error: [file "/builddir/build/BUILD/httpd-2.2.15/modules/generators/mod_cgi.c"] [line 168] [level 3] Options ExecCGI is off in this directory: /var/www/cobbler/pub/foo.to
Apache-Handler: cgi-script
Stopwatch: 1364903327323156 1714 (- - -)
Stopwatch2: 1364903327323156 1714; combined=59, p1=17, p2=37, p3=0, p4=0, p5=5, sr=0, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.7.1 (http://www.modsecurity.org/).
Server: Apache
Engine-Mode: "ENABLED"

--cae3ab09-Z-

My question is why Apache considers a file with a ".to" extension to be a CGI script?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Stuart J. Newman
Engineer 4; Systems
Solar Dynamics Observatory (SDO)

Honeywell Technology Solutions Inc

NASA/Goddard Space Flight Center
Building 14, Room E222
Mail Stop 428.2
Greenbelt, MD 20771

Office: (301) 286-5145
EMail: Stuart.J.Newman@nasa.gov


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed.  If you are not the intended recipient, please notify the sender at once, and you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited.  Nothing in this email, including any attachment, is intended to be a legally binding signature.
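
Added example, not part of the original post and not ModSecurity's own code: a small Python parser for the audit-log entry shown above that reads the handler and error out of section H and flags a request routed to cgi-script for a path with no CGI suffix. The function names and the cgi_suffixes list are assumptions for illustration; the sample is the entry from the post, abridged.

```python
import re

# Audit-log entry from the post, abridged; the last boundary is kept as it appears there.
SAMPLE = """\
--cae3ab09-A--
[02/Apr/2013:11:48:47 +0000] UVrFn4GlCCkAAFj@O8UAAAAD 129.165.8.75 46737 129.165.8.41 80
--cae3ab09-B--
GET /cobbler/pub/foo.to HTTP/1.0
--cae3ab09-F--
HTTP/1.1 403 Forbidden
--cae3ab09-H--
Apache-Error: [file "/builddir/build/BUILD/httpd-2.2.15/modules/generators/mod_cgi.c"] [line 168] [level 3] Options ExecCGI is off in this directory: /var/www/cobbler/pub/foo.to
Apache-Handler: cgi-script
--cae3ab09-Z-
"""

# Section boundary --<id>-<letter>--, tolerating a clipped trailing dash.
BOUNDARY = re.compile(r"^--([0-9a-fA-F]+)-([A-Z])--?\s*$")

def parse_audit_log(text):
    """Return one dict per transaction, mapping section letter to its non-blank lines."""
    entries, current, section = [], None, None
    for line in text.splitlines():
        m = BOUNDARY.match(line)
        if m:
            letter = m.group(2)
            if letter == "A":          # A opens a transaction
                current = {}
                entries.append(current)
            elif letter == "Z":        # Z closes it
                current = None
            section = current.setdefault(letter, []) if current is not None else None
        elif section is not None and line.strip():
            section.append(line)
    return entries

def summarize(entry, cgi_suffixes=(".cgi", ".pl")):
    """Fields that explain the 403; cgi_suffixes is a site-specific assumption."""
    request = (entry.get("B") or ["- - -"])[0].split(" ")
    status = (entry.get("F") or ["- 0"])[0].split(" ")[1]
    trailer = dict(l.split(": ", 1) for l in entry.get("H", []) if ": " in l)
    handler = trailer.get("Apache-Handler")
    path = request[1].split("?", 1)[0]
    return {
        "path": path,
        "status": int(status),
        "handler": handler,
        "error": trailer.get("Apache-Error", "").split("] ")[-1],
        "unexpected_cgi": handler == "cgi-script" and not path.endswith(tuple(cgi_suffixes)),
    }
```

Calling summarize(parse_audit_log(SAMPLE)[0]) shows the request was handed to cgi-script and then refused by mod_cgi, which separates "why was this handler chosen" from "why was execution denied".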


Re: [users@httpd] file extensions for CGI

Posted by Tom Evans <te...@googlemail.com>.
On Wed, Apr 3, 2013 at 1:03 PM, Newman, Stuart J.
(GSFC-444.0)[HONEYWELL TECHNOLOGY SOLUTIONS INC]
<st...@nasa.gov> wrote:
> The execute bit is set.

http://httpd.apache.org/docs/2.2/howto/cgi.html#nonscriptalias

Because those options are not set, Apache refuses to execute the file.
Remove the execute bit if it is not executable!

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


RE: [users@httpd] file extensions for CGI

Posted by "Newman, Stuart J. (GSFC-444.0)[HONEYWELL TECHNOLOGY SOLUTIONS INC]" <st...@nasa.gov>.
The execute bit is set.



> -----Original Message-----
> From: Tom Evans [mailto:tevans.uk@googlemail.com]
> Sent: Wednesday, April 03, 2013 08:03
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] file extensions for CGI
> 
> Is the file executable - i.e. "does it have its exec bit set", not "is
> it a program".
> 
> Cheers
> 
> Tom
> 


Re: [users@httpd] file extensions for CGI

Posted by Tom Evans <te...@googlemail.com>.
Is the file executable - i.e. "does it have its exec bit set", not "is
it a program".

Cheers

Tom
