cgiemail-cgiecho -- How can I remove this terrible program

bmcpanel

Well-Known Member
Jun 1, 2002
544
0
316
I use CSF/LFD firewall (Thank you Chirpy). It seems that anytime I get a message from LFD about an email relay alert, I check the directory and find cgiecho/cgiemail installed in the customers cgi-bin. Obviously, it has some flaws. I have 2 questions.

1. Why does cpanel still allow for this terrible script to be installed in Cpanel?

2. How can I use WHM to remove it from the available scripts. I have checked the feature manager, and there seems to be no ability to uncheck specific cgi-center scripts such as cgi-email.

I despise this script. It is an abomination.
:mad:

Thank you.
 

verdon

Well-Known Member
Nov 1, 2003
934
16
168
Northern Ontario, Canada
cPanel Access Level
Root Administrator
part of the problem too is that even if you delete it from the user's cgi-bin and maybe don't even let them have a cgi-bin, you can still get to it by going to cutomerdomain.com/cgi-sys/cgiemail or customerdomain.com/cgi-sys/formmail.pl or whatever. I've recently started removing the executable bit from a few of these. I don't know if that will survive and upgrade, but we'll see.
 

bmcpanel

Well-Known Member
Jun 1, 2002
544
0
316
part of the problem too is that even if you delete it from the user's cgi-bin and maybe don't even let them have a cgi-bin, you can still get to it by going to cutomerdomain.com/cgi-sys/cgiemail or customerdomain.com/cgi-sys/formmail.pl or whatever. I've recently started removing the executable bit from a few of these. I don't know if that will survive and upgrade, but we'll see.
I wish cpanel would allow it to be removed completely and not be installed unless a server admin actively installs it. It seems to me to be a bad piece of software and I can see no valid reason for cpanel to have a spam portal installed in the system cgi bin. It is maddening.