Is cgi.force_redirect really necessary?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
pileofrogs
Forum Newbie
Posts: 1
Joined: Thu May 27, 2010 6:49 pm

Is cgi.force_redirect really necessary?

Post by pileofrogs »

If I read the docs right, you only need to set cgi.force_redirect if you have a php executable in your cgi-bin dir. I'm running apache on Linux, so this isn't the usual IIS cgi.force_redirect confusion. I've had some complex mod_rewrite situations that would be easier if I could disable cgi.force_redirect. I don't have a php executable in my cgi-bin dir, so is it safe to disable?

Thanks!
-Dylan
Post Reply