配置apache运行cgi程序可分为两种情况,一是ScriptAlias目录的CGI,二是ScriptAlias以外目录的CGI。
ScriptAlias目录的CGI
ScriptAlias指令使Apache允许执行一个特定目录中的CGI程序。当客户端请求此特定目录中的资源时,Apache假定其中文件都是CGI程序并试图运行。
ScriptAlias指令形如:
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
#
ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
#
# "/usr/local/apache/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/usr/local/apache/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
测试:
1) 创建文件/usr/local/apache/cgi-bin/test.cgi,chmod a+x /usr/local/apache/cgi-bin/test.cgi.
/usr/local/apache/cgi-bin/test.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, World.";
2)在浏览器中访问http://192.168.0.120/cgi-bin/test.cgi
ScriptAlias目录以外的CGI
由于安全原因,CGI程序通常被限制在ScriptAlias指定的目录中,如此,管理员就可以严格地控制谁可以使用CGI程序。但是,如果采取了恰当的安全方法措施,则没有理由不允许其他目录中的CGI程序运行。比如,你可能希望用户在UserDir指定的宿主目录中存放页面,而他们有自己的CGI程序,但无权存取cgi-bin目录,这样,就产生了运行其他目录中CGI程序的需求。
1、用Options显式地允许CGI的执行
可以在主服务器配置文件中,使用Options指令显式地允许特定目录中CGI的执行:
- <Directory /usr/local/apache/htdocs/somedir>
- Options +ExecCGI
- </Directory>
上述指令使Apache允许CGI文件的执行。另外,还必须告诉服务器哪些文件是CGI文件。下面的AddHandler指令告诉服务器所有带有cgi或pl后缀的文件是CGI程序:
- AddHandler cgi-script .cgi .pl
2、.htaccess文件
.htaccess文件是针对目录进行配置的一种方法。Apache在提供一个资源时,会在此资源所在目录中寻找.htaccess文件,如果有,则使其中的指令生效。AllowOverride 指令决定了.htaccess文件是否有效,它指定了哪些指令可以出现在其中,或者根本不允许使用。为此,需要在主服务器配置中如此配置:
- AllowOverride Options
在.htaccess文件中,需要如此配置:
- Options +ExecCGI
以使Apache允许此目录中CGI程序的执行。
运行访问所有用户home下的CGI
配置如下:
<Directory /home/*/public_html>
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
如果只是cgi-bin下的为cgi,配置如下:
<Directory /home/*/public_html/cgi-bin>
Options ExecCGI
SetHandler cgi-script
</Directory>