Can't run html files in CGI BIN

**smile** · 10-27-2004 02:24 AM

Hi,

I get 500 internal server error whenever i try to run index.html files in cgi-bin folder. Can some one suggest a fix for that.

**chirpy** · 10-27-2004 03:33 AM

Is index.html a script? If so, in what language? If you mean that it is just html, then you cannot view html or image files stored within your cg-bin directory.

**smile** · 10-27-2004 03:50 AM

Thanks Chirpy

**dianaward** · 01-17-2005 05:55 PM

I have a customer who has been on my server for a number of months, with no obvious trouble. In looking at my user crons to try to balance the mailing load I see that he is running a cron job every 3 hours that calls a file named srv.html from his cgi-bin. A look at his site reveals that there are no files on the site but 4 .html files in cgi-bin and the default index page. What is he doing? Is there a legitimate reason to name a script with a .html extension?

**chirpy** · 01-18-2005 03:35 AM

There can be legitimate reasons where you want to hide the fact that you're providing dynamic content. However, what your seeing does eem odd. If you could post part of what one of the files looks like (the first 10 lines or so) it might be easier to tell what's going on.

**dianaward** · 01-19-2005 03:15 PM

and I suspended him pending cancellation. I will try to retrieve the data to post here though, just to learn. I do know that he told me he purchase the account to practice learning php, and the files are binary files and in the cgi bin. So something is fishy.

**chirpy** · 01-19-2005 03:56 PM

Very odd. I wouldn't allow compiled binaries unless I trusted the user and knew what they were up to.

**Donna** · 01-19-2005 06:53 PM

One thing I can say from experience... if anyone says they want an account to "learn" PHP they're probably up to something. You can learn PHP without a web account, not many legit people will get an account and spend money just to do that.

And if he's using php there's no reason for it to be in the cgi-bin unless he's trying to hide it from you.

Even if they are legit... you've seen what this guy did to your server. No amount of money is worth having one of your shared hosting servers dragged through the mud so some guy can learn what he's doing. Remember.... he makes the mistakes, but it's you and your other clients that will pay the price for those mistakes.

*quick edit.. as Jonathan said... there's no reason for him to be using compiled binaries either. In fact 99.9999% of clients have no legit reason to be using compiled binaries.

**dianaward** · 01-23-2005 07:13 PM

all they suggested was that I ask him what he was doing. I'd already done that, so I just watched and terminated him when I could prove he'd violated tos. I never heard a peep from him after the termination, and he'd paid in advance, so obviously he was up to something and not just a beginner. I never could find anything in logs or elsewhere, until the server load, to show for his actions though.

LinkBack

Thread Tools

Can't run html files in CGI BIN

found this while searching for html in cgi bin, because

never mind, he took the server load up to 90%

That's what I thought, but I ran it by my support techs and

How can a user run a .cgi script outside the cgi-bin?

run a file from the cgi-bin folder

cgi files are only working in the cgi-bin after upgrading with easyapache3

err 404 cant run cgi-bin

cgi-bin / perl won't run