CGI/image problem

wayneinspain

Verified User
Joined
Jun 5, 2007
Messages
11
Hi

I've just installed Commerce.cgi, a CGI-based shopping cart on my new server (in the private_html directory for SSL), and for some reason none of the images are showing up. I've tried various locations for the images folder, outside the cgi-bin) but to no avail. I've also done a test installation in the public_html directory and that's exactly the same. Is it a quirk of DA that causes images to not display? The store worked fine on our old server with exactly the same directory structure and all I've needed to do is set all the file permissions to get it working. But I need the images to display. Any ideas anybody?

Thanks.
 
Where are the images located? If the images are located under a directory/subdirectory that has got CGI enabled then you need to move them(images) to a spot(directory) that doesn't have CGI enabled.

You can also check the error log to see what might be causing the issue.
 
The issue is the way apache conf is been setup

ScriptAlias /cgi-bin/ /home/xxx/domains/xxxxx/public_html/cgi-bin/

Since cgi-bin directory is only set as script alias, so it will only allow the scripts to be executed. You cant run any static content like .htm or even images. It considers each file as a script and tries to execute it.

this is done for safety as you can then lock down the perl scripts execution and your scripts are separated from your static content.

You probably might need to use AddHandler directive.
 
I think I understand what you're saying but I've discovered what might be part of the problem.

I initially installed the store in the http (public_html) directory to test it. I then installed it in the https (private_html) directory - changing all the paths to the various files so they say https rather than http. (I have an SSL certificate on the domain.) It wouldn't display the images. But then I noticed that when I changed some data in the price list that didn't refresh either. I then deleted the public_html installation as an experiment and tried to run the script but it wasn't found. It appears that https is looking at http for some reason. That might be part of the problem. I'm confused. When I was setting up the server I checked the button that says "Use a symbolic link from private_html to public_html - allows for same data in http and https" but then I decided against that and changed it back. Could that have altered something? Do I need to do something to make the cgi-bin work in the private_html directory?

Thanks for everybody's help.
 
When you check that link, the private_html directory becomes a link to the public_html directory. So if you delete the public_html directory contents you've also deleted the private_html directory contents. If you changed it back afterwards, then I'm not sure what it would do; it may delete the entire contents of private_html and give you a blank one.

Also, I'm not sure if you can set up a cgi-bin in private_html, so I'd recommend starting over:

First make the link again. Then make sure the public_html and private_html directories are both empty. Recreate the cgi-bin directory inside public_html if it's not there.

Then upload everything again, to public_html.

The disadvantage with this method is that anyone who visits your site via http instead of https will be able to work insecurely. If you're accepting money you may not want them to be able to do that, so be sure to read up on how to use .htaccess to require https acces.

Do you have your own DirectAdmin based server? If so, then this is the best place for support. But if you buy your hosting from a hosting company you may want to check with them to help you.

Jeff
 
I don't really want to have the same content for http and https. I just want the store to reside on the secure side. So I guess the real question is can I have a cgi-bin working in private_html. Can I just add an .htaccess file to the cgi-bin with

Options +ExecCGI
AddHandler cgi-script .cgi .pl

in it?

Also, why does https think it's http?

I have DirectAdmin installed on a Dedipower hosted server. I'm not sure if this is something that I should ask DirectAdmin or Dedipower to help me with. The installation was done by DirectAdmin. Should I contact DirectAdmin technical support directly?

Apologies for being confused. I'm not really a techie.
 
The .htaccess file in a cgi-bin directory should enable it.

I don't know what you mean by
why does https think it's http?
If you bought DirectAdmin from the DirectAdmin site, and have either a monthly, quarterly or annual license then support from DirectAdmin is included. If you have a Lifetime License then support is at DA's option. If you have an Internal License, then support is NOT included. If you got your license with your Dedipower server then Dedipower should give you support.

If you can get your support here, that's good ;) .

Jeff
 
Thanks Jeff.

I've dropped technical support an email. Hopefully they can get to the bottom of the problem. I'll let you know how it gets resolved.
 
OK. The solution was a simple one as these things usually are. This is what DirectAdmin technical support said:

"The cgi-bin directory lives in the public_html folder, even if accessed from https. Anything outside of that is in it's usual location.. so if the images need to exist in a custom folder, they'd need to be under the private_html folder somewhere."

So, I installed the script in the cgi-bin in the public_html folder and the images in the private_html folder and everything works fine now.

I'm now going back to re-read the 'Idiots Guide to Being an Idiot'. I think I missed a chapter.

Thanks for everybody's help.
 
I'm now going back to re-read the 'Idiots Guide to Being an Idiot'. I think I missed a chapter.
I love a good sense of humor.

By the way, in case you didn't know it already, the trains in Spain stay mainly on the tracks. ;) .

(I've performed as Henry Higgins in local theaters a few times in my life, beginning when I was only 17 (which was well over 40 years ago :) ).

Jeff
 
I have read a lot of post but I still confust,

Just a question about SSL Certificate, private_html an a script that only most work with https:// and not under http://

I have a ssl Certificate, in order that what visiters uploading or shows-up any messages are secure.

Put the script in private_html in a selfmade cgi-bin directoy.

Puts a .htaccess to execute the cript. (like the code above.)

A script with the same name in public_html /cgi-bin showed up and not the one I ask for it.

why?
If I put the script in the public_hml/cgi-bin than the script isnt scecure anymore, and why do I have than a SSL certificate ? if you can call the script whitout the s of https:// ?

isn't that when you have a SSL certificate, put the script in private_html/cgi-bin doesn't show up under http://

So i think that 'they' say it is secure, it isn't.

Or do or think I right? If no, can someone help me to get a script running under https:// whitout the possibility that the script is running under http://

In hope that someone can help me
Thanks DAjonck
 
cgi-bin is controlled by a setting in your httpd.conf file. I believe the fix has been posted before, possibly by DirectAdmin staff.

You can add a new path for cgi-bin in DirectAdmin, at the admin level, by editing the user's httpd.conf file.

But you'll probably have to have different names for the files; otherwise the system may still find the one in public_html first. Try it.

Jeff
 
Jeff thnx for answering,
Just for my own
In the users httpd.conf I found the lines:
__________________________________
<VirtualHost 123.123.12.123:443>
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key


ServerName www.name.com
ServerAlias www.name.com name.com
ServerAdmin [email protected]
DocumentRoot /home/name/domains/name.com/private_html
ScriptAlias /cgi-bin/ /home/name/domains/name.com/public_html/cgi-bin/

<Directory /home/sevim/domains/name.com/private_html>
Options +Includes -Indexes
<IfModule mod_php4.c>

</VirtualHost>

changed the line
ScriptAlias /cgi-bin/ /home/name/domains/name.com/public_html/cgi-bin/
in
ScriptAlias /cgi-bin/ /home/name/domains/name.com/private_html/cgi-bin/

the line
<Directory /home/sevim/domains/name.com/private_html>
Options +Includes -Indexes
</Directory>

changed in
<Directory /home/sevim/domains/name.com/private_html>
Options +ExecCGI
</Directory>


ar those the right changes ?
an I forgot the restart code from the commandline

restart /usr/local/directadmin/data/users/name/httpd.conf ?
right ?

DAjonck
 
I'm not sure what you mean. Changes you make directly to the user's httpd.conf file will not stick; you should make changes through the admin control panel only.

I have no idea what you mean by your restart command. You should restart apache either through the control panel or through the shell, using whatever facility your OS Distribution uses.

Jeff
 
Jeff

Hopefully the next explaination, is more clearly:

In the admin control panel:
Custom HTTPD Configurations -> domainname.com you find:
Httpd.conf Customization for domainname.com
Only add the few lines of the VirtualHost you need to insert.
Do not add a whole <Virtualhost>..</VirtualHost>

The field below shows the complete httpd.conf
(with already the lines as the post above)

If I put the changing the lines beteween in the field above an saved it.:rolleyes:
I strongly think that this is not working correctly, so I thought make the changes at the shell (vim) an reboot apache.

To restart apache, command just only for the specified user, or for hole server ?

{and I forgot the restart code from the commandline}
restart /usr/local/directadmin/data/users/name/httpd.conf ?
the command from the shell.

{are those the right changes ?} (post above)
to get https:// running with the cgi-bin from the private_html directorie
even when the have the same name as the scripts in the cgi-bin of public_html


Clearly ?
 
Not really; you seem to mix quotes and your own text without using standard ways to show the difference.

True the Custom HTTPD configuration is limited, but it definitely works. If you make manual changes to the user httpd.conf file there are many things you can do within DirectAdmin that will rewrite it, and remove your changes unless they're made through DirectAdmin.

You can resolve that making the user httpd.conf file immutable, but that will mean there's a lot of things in DirectAdmin (for example, adding domains, changing domain names, lots of stuff from the control panel concerning sites and hosting) won't work anymore.

You can't restart apache for one user; you've only got one apache running.

So you restart apache. Do that from the control panel, or learn how to do it in your OS Distribution; they're all different.

Jeff
 
Jeff thnx for aswering (again)

the line
<Directory /home/sevim/domains/name.com/private_html>
Options +Includes -Indexes
</Directory>

changed in
<Directory /home/sevim/domains/name.com/private_html>
Options +ExecCGI
</Directory>

are those the reight changes to execute cgi-bin ?

changed the line
ScriptAlias /cgi-bin/ /home/name/domains/name.com/public_html/cgi-bin/
in
ScriptAlias /cgi-bin/ /home/name/domains/name.com/private_html/cgi-bin/
are those the right changes to get https// scripts running under ssl,
so that they not work under http:// ?

The reason why I ask this, if those are not the right changes and the website thats already running under http:// mixtup, I'm not happy about it.
 
I'm a server admin, but not an http guru, so unfortunately all I can answer is to try it.

I don't think you want to drop any of the options, though. Just leave the old ones, add the new, and give it a try.

Hopefully someone else who either knows the answer, or has the time to look it up and/or try it, will help, too.

Jeff
 
Back
Top