Shared SSL & CGI permissions

A

Aussieguy

Verified User
Joined
Jun 13, 2004
Messages
13
Hi
We set up a shared system as discussed in
http://www.directadmin.com/forum/showthread.php?s=&threadid=3826&highlight=shared

allowing our users to use the shared SSL via URL
https://www.wpdflorida.com/username

we also set DA so that the users secure pages are located in the public_html folders because some of our shopping carts require the scripts to be in the same folder...


This works... if we just call a html file in the users secure folder
https://www.wpdflorida.com/allied/index.html

BUT if we try calling a cgi script it won't work
https://www.wpdflorida.com/allied/cgi-bin/test.cgi

error message
Forbidden
You don't have permission to access /allied/cgi-bin/test.cgi on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

---------------------------------------------------------------------------

Any ideas would be much appreciated

Aussieguy in Florida
 
Hey,

It's just a guess but, do you have a .htaccess file in the /allied directory?

I would think you would need one there to allow cgi's to be run under that directory.

The .htaccess should have something like these lines in it:

Options +ExecCGI
AddHandler cgi-script cgi pl

Be sure to restart Apache afterwards...

David
 
tried .htaccess

I tried david's suggestion and get the 500 internal server error

in my logs
Premature end of script headers:
/home/admin/domains/wpdflorida.com/public_html/allied/cgi-bin/test2.cgi


I also tried to create a link directly to the cgi-bin but couldn't create the link because "allied" was already in use


more ideas?

Thanks
 
Hey,

Another thought...

With the .htaccess file in place this:

Premature end of script headers:
Click to expand...

Might be caused by the public_html directory being user:apache instead of user:user.

Just a thought...

David
 
error messages I get

Additional to my original post

the cgi script is working using the non SSL
It is just a simple test script that echoes a couple of lines.

http://florida-health-savings-account.com/cgi-bin/test2.cgi


If I try and access the script using shared SSL
(allied is the username)

https://www.wpdflorida.com/allied/cgi-bin/test2.cgi

----- The error message I get in the browser ------
Forbidden
You don't have permission to access /allied/cgi-bin/test2.cgi on this server.
------------------------------------------------------------------


---- Logs error message -----------
Options ExecCGI is off in this directory: /home/admin/domains/wpdflorida.com/public_html/allied/cgi-bin/test2.cgi
-----------------------------------------------------------------------------


if I change the htacess file as per David's instructions
Options +ExecCGI
AddHandler cgi-script cgi pl


----------I get this error in the logs-----------

Premature end of script headers: /home/admin/domains/wpdflorida.com/public_html/allied/cgi-bin/test2.cgi

---------------------------------------------------------
 
Re: error messages I get

Aussieguy said:
the cgi script is working using the non SSL
It is just a simple test script that echoes a couple of lines.

http://florida-health-savings-account.com/cgi-bin/test2.cgi
Click to expand...
That's not a fair test.

Because:
http://florida-health-savings-account.com/cgi-bin/test2.cgi

is not the same as:

http://www.wpdflorida.com/allied/cgi-bin/test2.cgi

and the latter doesn't work either. So it's got nothing to do with SSL; it's got everything to do with the shared directory.

What are the ownership and permissions of the test2.cgi file in the shared directory?

I believe it must be the same as the owner of the shared site; i.e., the same as if it were uploaded by the user who owns wpdflorida.com.

Have you tried it with that ownership?

Jeff
 
ownership of files

oops i forgot the "s" in https://

https://www.wpdflorida.com/allied/cgi-bin/test2.cgi

I'm new at this so bear with me

first we created the main domain www.wpdflorida.com
which owns the ssl cert, that is to be shared

owner is admin -------- for wpdflorida.com


we then setup a reseller -----------------------> heinz
reseller heinz------> then created a user ----> allied

user allied ----- has the script located in their cgi-bin



using SSH I created the link by:

cd /home/admin/domains/wpdflorida.com/public_html

ln -s /home/allied/domains/florida-health-savings-account.com/public_html allied

**note*** server has been set up so that public_html is the secure folder

with the link I can now get
https://www.wpdflorida.com/allied
https://www.wpdflorida.com/allied/test/index.html
https://www.wpdflorida.com/allied/test/test.php


I am assuming that because the perl script test2.cgi belongs to "allied" and the link that was created for the shared ssl belongs to "admin"

hence the permission problem :confused:

How do I check or even change ownership?
Like I said I'm new at this...

I do have SSH with root acess (danger, danger)

Heinz :rolleyes:
 
Hey,

if I change the htacess file as per David's instructions
Options +ExecCGI
AddHandler cgi-script cgi pl

----------I get this error in the logs-----------

Premature end of script headers: /home/admin/domains/wpdflorida.com/public_html/allied/cgi-bin/test2.cgi
Click to expand...

That would seem to show that it is at least trying to run the script...

So, I still think you need the above in a .htaccess file.

The "Premature end of script" is probably caused by a permission problem with the directory or related files or perhaps it's somehow related to the link...

I'm not real sure but, some testing should work it out.

David
 
permissions

I have tried everything I can think of to set permissions

In the .htacess I allowed all users

Options -Indexes
<Limit GET>
order deny,allow
allow from all
</Limit>


I tried setting the permissions from SSH as root
chmod 755 the folder and the script

I even tried chmod 777 (I know, not good)



when I do a list of files ( ls -l )

The LINK is owned by root

cd /home/admin/domains/wpdflorida.com/public_html
ls -l
-------------------------------------------------------------------------
lrwxrwxrwx 1 root root 67 Jul 22 16:35 allied -> /home/allied/domains/florida-health-savings-account.com/public_html
------------------------------------------------------------------------


If I go to the linked folder

cd allied
cgi-bin is owned by allied
------------------------------------------------------------------------
drwxr-xr-x 2 allied allied 4096 Aug 1 21:48 cgi-bin



cd cgi-bin
ls -l
script is owned by allied
-----------------------------------------------------------------------
-rwxr-xr-x 1 allied allied 278 Aug 1 21:48 test2.cgi
---------------------------------------------------------------------------


So what next?
I really have to be able to execute perl scripts using the shared ssl cert

Heeelpp
 
Hey,

Well, if it were me, I try a .htaccess file with this:

Options +ExecCGI
AddHandler cgi-script cgi pl

in the cgi-bin directory (the one owned by allied)...

BTW, what is the path to the cgi-bin directory that has the script in it?

David
 
You must log in or register to reply here.
Back
Top