Run Perl CGI Scripts On CentOS 7 With Apache/Httpd

linux httpd centos7 perl cgi
29,236

Solution 1

This is how to get CGI Perl scripts executing correctly on CentOS 7.

I'm leaving this here as it seems a lot of the resources on the internet don't combine the steps and leave people like me very confused.

In short this, is what needs to be done.

  1. Install software.
  2. Create your test CGI file.
  3. Ensure the CGI module is loaded. Inside httpd.conf.
  4. Change the directory settings in httpd.conf.
  5. Change permissions to allow for CGI to execute.

Install and configure software

sudo yum update
sudo yum install httpd
sudo yum install perl perl-CGI
sudo systemctl start httpd.service
sudo systemctl enable httpd.service

Create your test CGI file

Even following these steps all the way through, I never once got a CGI script inside /var/www/cgi-bin to load without modifying the web root inside httpd.conf. Instead I decided to just activate CGI in another directory.

On my server, I want the web root html to hold my CGI files. This is /var/www/html/hello.cgi

#!/usr/bin/perl
print "Content-type: text/html\n\n"; # This is mandatory.
print "<h2>Hello world!</h2>";

Ensure the CGI module is loaded. Inside httpd.conf

You can do an easy check for this via the command.

grep -n "LoadModule" /etc/httpd/conf/httpd.conf

I could see that no CGI modules were specified and I confirmed their existence inside the modules folder via:

find /etc/httpd/modules/ -iname "*cgi*"

This is the one I am after:

/etc/httpd/modules/mod_cgi.so

Let's add that to the /etc/httpd/conf/httpd.conf file:

LoadModule cgi_module modules/mod_cgi.so

I believe that you need to load the module in a different way in Ubuntu, keep that in mind.

Change the directory settings in httpd.conf

Before restarting httpd we have to change one more thing inside /etc/httpd/conf/httpd.conf:

<Directory "var/www/html">
    Options +ExecCGI
    AddHandler cgi-script .cgi .pl
</Directory>

According to many Googlings, you may have to also modify this part of the httpd.conf file so that it points to the same directory as above "var/www/html":

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

I didn't modify mine, it didn't seem to make a difference.

Change permissions to allow for CGI to execute

And this one got me stuck a lot! Don't overlook this!

You need to tell your server that these CGI scripts are allowed to be executed as programs.

chmod 705 *.cgi

Or you can target individual CGI scripts.

chmod 705 hello.cgi

(Some people on the internet have said that chmod 755 and 777 might also work.)

Now restart httpd like so:

sudo systemctl restart httpd.service

At this point my CGI scripts are rendering into HTML correctly.

They are being served from the web root like this: http://<IP>/hello.cgi

Please feel free to add any more information that might help others.

Solution 2

(Some people on the internet have said that chmod 755 and 777 might also work.)

If you are sharing the server with anyone else, and in general because of possible attack, you should almost definitely not be using /any/ of 755, 705 or 777. These would give any other users logged onto your server the ability to execute your scripts with any arguments they choose. Instead, make sure that your scripts and all directories above it have nginx, apache, or whatever user/group runs your webserver and is supposed to execute your scripts, as owner or group (using the command chown or chgrp). Then set the third bit in chmod to 0 (You should never use something more permissive than 750), because other users on your server (except for you and nginx/apache, whether an intruder or a legitimate user), have /no/ business executing, reading or modifying your scripts from the shell.

You can read up on linux file permissions at e.g. https://www.digitalocean.com/community/tutorials/linux-permissions-basics-and-how-to-use-umask-on-a-vps#octal or https://www.digitalocean.com/community/tutorials/an-introduction-to-linux-permissions etc

Good luck!

EDIT: This is an explanation of what user chick wrote on Jan 28 - good call, the permissions are too permissive in the tutorial.

Share:
29,236

Related videos on Youtube

Joseph
Author by

Joseph

Works in IT

Updated on September 18, 2022

Comments

  • Joseph
    Joseph almost 2 years

    My CGI Perl scripts CentOS 7 are not running correctly, they are either showing up as plain text or I am getting a server error.

    I've been placing my scripts into the default /var/www/cgi-bin directory with no luck.

    I tried to place CGI scripts into /var/www/html/another-dir but they are just coming up as plain text.

  • chicks
    chicks over 8 years
    Making your whole DocRoot executable makes it easier on attackers. All they need to do is find a whole that let's them write a file in that tree. Only the smallest subset of things practical should be allowed to execute.
  • Joseph
    Joseph over 8 years
    Better practice would be to put *.cgi into it's own dir and add that dir as <Directory> for CGI execution in httpd.conf, is that correct?
  • Joseph
    Joseph almost 8 years
    Great points! I made my previous answer a community wiki so that others can update it correctly. :)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Can't restart httpd.service on CentOS 7 (Apache server)
How to run linux bash script from web browser?
No Presto metadata available for base Error downloading packages:
How do I configure Apache 2 to run Perl CGI scripts?
Flutter Doctor shows problem with GTK 3.0 for CentOS Linux 7 running on Doctor
Split files based on file content and pattern matching
understanding and decoding the file mode value from stat function output
Perl script for file upload
gcc: error: unrecognized command line option
Getting error chown: invalid group: ‘nobody:nogroup’ while setting up an NFS server drive ownership permission