Page 2 of 2

Posted: Wed Jan 14, 2004 7:45 pm
by Pyrite
Why not install them both in the root of your site for testing ...

I honestly have no clue why you need a cgi-bin for php?

Posted: Wed Jan 14, 2004 8:02 pm
by Straterra
I had to use that folder for the old web server I used to use. All PHP scripts had to go in there, so I left them all in there when I switched to Apache.

Posted: Wed Jan 14, 2004 8:10 pm
by Pyrite
But php scripts are not CGI's . And frankly, it's a security risk.

Posted: Wed Jan 14, 2004 9:49 pm
by Straterra
How is it a security risk?

Posted: Thu Jan 15, 2004 10:46 pm
by Pyrite
You know what, nevermind.

Every suggestion I give you, you return with an argument. Forget it.

Posted: Fri Jan 16, 2004 8:08 pm
by Straterra
I'm not trying to argue with you. I am just trying to figure out why that is a security risk and why this script doesn't work. I'm sorry if I have offended you. I am genually interested in why that is a securty problem. Thanks for the help you have given me. If you don't wish to help me anymore, I understand.

Posted: Fri Jan 16, 2004 8:11 pm
by redmonkey
PHP scripts can be run as CGIs dependant on how your server is configured.

I am also interested in what the security implications of this would be?

Posted: Fri Jan 16, 2004 9:34 pm
by Pyrite
Well that depends how your server is setup. :lol:

Posted: Sat Jan 17, 2004 6:26 am
by redmonkey
Well if you are going to as loose as that, you could also say that running Apache, mySQL or stuff like phpMyAdmin is a huge security risk dependant oh how you have set it up.

As with running anything on a server, if the server is not setup correctly or the apps are not configured right there could be security implications.

So what sort of setup specifically would cuase running PHP scripts from the cgi-bin to be a security risk?