The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Alert! The PHP CGI cannot be accessed directly

Discussion in 'Security' started by Arvand, Apr 29, 2005.

  1. Arvand

    Arvand Well-Known Member
    PartnerNOC

    Joined:
    Jul 26, 2003
    Messages:
    130
    Likes Received:
    1
    Trophy Points:
    18
    Hello,

    Just recently two of my servers started giving me this when a php script was called (phpsuexec is on):

    It gets resolved by /scripts/easyapache but the fact that it happens by itself at a random time is bad as customer websites that run on php will be down for that period. Both servers are dual Xeons running the latest release.
     
  2. gemby

    gemby Well-Known Member
    PartnerNOC

    Joined:
    Feb 16, 2002
    Messages:
    182
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Pula, Croatia
    cPanel Access Level:
    DataCenter Provider
    I also have two affected servers, just doing /scripts/easyapache and see what hepens.
     
  3. KrystalS

    KrystalS Active Member

    Joined:
    Mar 15, 2004
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    UK
    Same

    One of my servers was affected too.
     
  4. gemby

    gemby Well-Known Member
    PartnerNOC

    Joined:
    Feb 16, 2002
    Messages:
    182
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Pula, Croatia
    cPanel Access Level:
    DataCenter Provider
    It looks like /scripts/easyapache helps, anyone know is it permanent solution or it will stop working again after some time?
     
  5. Arvand

    Arvand Well-Known Member
    PartnerNOC

    Joined:
    Jul 26, 2003
    Messages:
    130
    Likes Received:
    1
    Trophy Points:
    18
    All good questions that need to be addressed by cPanel. All I know is that I am going away for the weekend and I can't afford to have this happening on the servers with another tech person on call.
     
  6. brainx

    brainx Member

    Joined:
    Jul 9, 2003
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Same problem here.

    /scripts/updatenow and /scripts/easyapache does not work.

    /scripts/updatenow
    Sync Source: http://httpupdate.cpanel.net/STABLE/scripts
    Fetching http://httpupdate.cpanel.net/cpanelsync/STABLE/scripts/.cpanelsync.lock....Trying httpupdate.cpanel.net @ 69.72.164.152
    Error 404 while fetching url http://httpupdate.cpanel.net//cpanelsync/STABLE/scripts/.cpanelsync.lock
    ...Done
    Fetching http://httpupdate.cpanel.net/cpanelsync/STABLE/scripts/.cpanelsync.bz2....Trying httpupdate.cpanel.net @ 69.72.164.151
    Error 404 while fetching url http://httpupdate.cpanel.net//cpanelsync/STABLE/scripts/.cpanelsync.bz2
    ...Done
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That problem is not related to this thread, trying using search for "Error 404 while fetching url"
     
  8. brainx

    brainx Member

    Joined:
    Jul 9, 2003
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Ok but we get the same message:

    "Security Alert! The PHP CGI cannot be accessed directly."

    And we try to run any of the following we get the 404 errors:

    /scripts/updatenow
    /scripts/easyapache
    /scripts/upcp

    What do you suggest?
    Thanks
     
  9. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I would suggest moving off of STABLE and onto the RELEASE tree which is the recommended tree to use. RELEASE is actually more secure and stable than STABLE.
     
  10. brainx

    brainx Member

    Joined:
    Jul 9, 2003
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Changed cpanel update config to Release

    Then;
    rm /var/cpanel/version/9.9.9.1
    /scripts/upcp
    /scripts/easyapache solved this problem

    Thanks for the help!
     
  11. brianc

    brianc Well-Known Member

    Joined:
    May 16, 2003
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    16
    Same problem

    Hi All:

    Just for the record, I had the same problem on 2 servers. Both of them dual xeons. Running EasyApache corrects the problem. Both issues corresponded with the server's nightly updates. I have them on "Automatic (RELEASE tree)". I feel this is a Cpanel issue, especially when it happened to this many people at the same time and my concern is: will it repeat itself tonight?

    Brian
     
  12. Faldran

    Faldran Well-Known Member

    Joined:
    May 28, 2002
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    Looks like good reason to use manual only updates...

    Sounds like an update from OS updated something in the PERL, which in turn broke your php, I have had that happen in the past before..

    I do believe that is not caused by cpanel, as they were not the ones that issued that particular upgrade, but came from upstream of them..
     
  13. TAK

    TAK Well-Known Member

    Joined:
    Dec 10, 2003
    Messages:
    64
    Likes Received:
    0
    Trophy Points:
    6
    Got this on one server after updating to the latest stable (the which causes conertemail problems). Rebuilding apache and making a few adjustments worked for me, but was a huge annoyance.
     
  14. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    For those that have had this problem, don't forget to log it in bugzilla if it hasn't already been done, otherwise cPanel may not be awar of the problem to fix it.
     
  15. gemby

    gemby Well-Known Member
    PartnerNOC

    Joined:
    Feb 16, 2002
    Messages:
    182
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Pula, Croatia
    cPanel Access Level:
    DataCenter Provider
    I am runing latest release, with nightly updates disabled, so i thonk it is not nightly build issue, but it exists.
    Machines that i rebuilt this morning, still works fine....i wonder is it a permanent solution?
     
  16. gemby

    gemby Well-Known Member
    PartnerNOC

    Joined:
    Feb 16, 2002
    Messages:
    182
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Pula, Croatia
    cPanel Access Level:
    DataCenter Provider
    I creatd bug report, it is bug #2394...please add more notes if i forgot something :))
     
  17. nat

    nat Well-Known Member

    Joined:
    Jan 16, 2003
    Messages:
    204
    Likes Received:
    0
    Trophy Points:
    16
    Just started today for me. 3 servers so far.

    All running WHM 9.9.9 cPanel 9.9.9-S15 RedHat Enterprise 3 i686 - WHM X v3.1.0.

    cPanel/WHM Updates: Manual Updates Only (STABLE tree)
    cPanel Package Updates: Manual Updates Only
    Security Package Updates: Manual Updates Only







    http://bugzilla.cpanel.net/show_bug.cgi?id=2394


    "------- Additional Comment #1 From Billy Vierra 2005-05-02 19:33 -------
    Please consult forums.cpanel.net this has been discussed before and is not a
    cpanel bug"

    I consulted the forums. This appeared on a bunch of servers all at once right after upcp cron ran. Since I can't find the solution? what is the solution.
     
    #17 nat, May 5, 2005
    Last edited: May 5, 2005
  18. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    The solution is in this thread and mentioned several times - rebuild apache.
     
  19. Arvand

    Arvand Well-Known Member
    PartnerNOC

    Joined:
    Jul 26, 2003
    Messages:
    130
    Likes Received:
    1
    Trophy Points:
    18
    Hows that a solution? Is the solution to Spamd breaking (Exim errors) restart exim? When this happens, all sites on your server that use PHP stop functioning. This means that until you rebuild PHP, majority of the sites are down. Since the server still responds, monitoring systems still consider the server up and your sites could be down for hours. The solution is NOT rebuilding PHP. That is a temporary fix until something is done so this doesn't happen randomly.
     
  20. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Well it is certainly a solution. If you need the reason why, you're going to have to log a ticket with cPanel or persue the bugzilla entry and ask them.
     
Loading...

Share This Page