CSC

CRIPTOGRAFIE ȘI SECURITATE CIBERNETICĂ

 

Laborator

6. Securitatea comunicațiilor web


HOME : Apache httpd


Apache httpd : Use CGI Scripts
 
Use CGI (Common Gateway Interface) Scripts.
[1] By default, CGI is allowed under the [/var/www/cgi-bin] directory.
It's possible to use CGI Scripts to put under the directory. All files under it are processed as CGI.
# CGI is allowed under the directory

[root@www ~]#
grep -n "^ *ScriptAlias" /etc/httpd/conf/httpd.conf

252: ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
# verify working to create test script
# any languages are OK for CGI scripts (example below is Python3)

[root@www ~]#
echo '#!/usr/bin/python3' > /var/www/cgi-bin/index.cgi

[root@www ~]#
echo 'print("Content-type: text/html\n")' >> /var/www/cgi-bin/index.cgi

[root@www ~]#
echo 'print("CGI Script Test Page")' >> /var/www/cgi-bin/index.cgi

[root@www ~]#
chmod 755 /var/www/cgi-bin/index.cgi

[root@www ~]#
curl localhost/cgi-bin/index.cgi

CGI Script Test Page
[2] If you'd like to allow CGI in other directories, configure like follows.
For example, allow in [/var/www/html/cgi-enabled].
[root@www ~]#
vi /etc/httpd/conf.d/cgi-enabled.conf
# create new
# specify extension that are processed as CGI on [AddHandler cgi-script] line

<Directory "/var/www/html/cgi-enabled">
    Options +ExecCGI
    AddHandler cgi-script .cgi .pl .py .rb
</Directory> 

[root@www ~]#
mkdir /var/www/html/cgi-enabled

[root@www ~]#
systemctl restart httpd

[3] If SELinux is enabled and also enable CGI except default location like above, add rules like follows.
[root@www ~]#
semanage fcontext -a -t httpd_sys_script_exec_t /var/www/html/cgi-enabled

[root@www ~]#
restorecon /var/www/html/cgi-enabled
[4] Create a CGI test page and access to it from any client computer with web browser.
[root@www ~]#
vi /var/www/html/cgi-enabled/index.cgi
#!/usr/bin/python3

print("Content-type: text/html\n")
print("<html>\n<body>")
print("<div style=\"width: 100%; font-size: 40px; font-weight: bold; text-align: center;\">")
print("CGI Script Test Page")
print("</div>")
print("</body>\n</html>")

[root@www ~]#
chmod 755 /var/www/html/cgi-enabled/index.cgi

...

 

 

 

CSC

curs,laborator,

proiect,referat

Master - RCC

an 2

(FIESC)