PHP: Case 2: using --enable-force-cgi-redirect

Last updated: Fri, 09 May 2008

Case 2: using --enable-force-cgi-redirect

This compile-time option prevents anyone from calling PHP directly with a URL like http://my.host/cgi-bin/php/secretdir/script.php. Instead, PHP will only parse in this mode if it has gone through a web server redirect rule.

Usually the redirection in the Apache configuration is done with the following directives:

Action php-script /cgi-bin/php
AddHandler php-script .php

This option has only been tested with the Apache web server, and relies on Apache to set the non-standard CGI environment variable REDIRECT_STATUS on redirected requests. If your web server does not support any way of telling if the request is direct or redirected, you cannot use this option and you must use one of the other ways of running the CGI version documented here.

Case 3: setting doc_root or user_dir

Case 1: only public files served

Last updated: Fri, 09 May 2008

add a note User Contributed Notes
Case 2: using --enable-force-cgi-redirect

mega-squall at caramail dot com
13-Jan-2008 10:36


Contrary to what was said, you can use arbitrary names for your MIME Type ...

However there's a restriction as it must be a valid MIME Type.

For instance, this is working perfectly :



AddHandler application/x-httpd-php4 .php4

AddHandler application/x-httpd-php5 .php5 .php

AddHandler application/x-httpd-php6 .php6

gelgin at internut dot com
26-Apr-2007 06:08


solaris 9 php4.4.0

i have found you can't use arbitrary names ie.



AddType application/x-httpd-php .php



works



#AddHandler php4-script .php



won't do must be 



AddHandler application/x-httpd-php

celtic at sairyx dot org
15-Dec-2006 01:24


Note that force-redirect doesn't work with IIS at all; it'll tell you to go away, as IIS doesn't supply the right variables to PHP.



php.ini tells you to turn it off, so make sure you do.

add a note

Case 3: setting doc_root or user_dir

Case 1: only public files served

Last updated: Fri, 09 May 2008