Internal Server Error when executing ShopSite .cgi's though the secure server URL
When running ShopSite without security turned on, it runs without any problems. But when it's run with security turned on, you get an Internal Server Error when it goes secure.
This problem is usually do to the fact that most machines have two processes running: a secure web server and a regular web server, and often times the two processes are running as two different users.
This causes problems because the permissions will usually be set on the ShopSite files to be writeable by the regular web server, and then the secure web server doesn't have access to the ShopSite files.
Solution ID: S02554
There are a couple of different options to get this to work:
1. You can change the settings on the servers so that they run as the same user. This is a lot easier if it's a new machine; if you already have a lot of information on the server, this may cause some ownership/permissions problems.
2. Make the two users a member of the same group. Then change the group on all of the files to this new group, and make all of the files group writeable.
3. There are also a couple of ways to make the secure web server run the ShopSite scripts as the same user as the regular web server: cgiwrap is one way to do this. However there, have been some problems with cgiwrap and setting up password protection - cgiwrap has to be installed with certain options in order to use any password protection. Also, you can use the suexec feature of Apache (and Stronghold). Lastly, you can set the setUID on the files that the secure web server will run:
~/cgi-bin/bo/orderhandler.cgi
~/cgi-bin/sb/billing.cgi
~/cgi-bin/sb/thankyou.cgi
To set the setUID on a file, do:
$ chmod 4755 orderhandler.cgi
which would create these permissions:
-rwsr-xr-x orderhandler.cgi
NOTE: you must su to root in order to set the set UID on a file.
Related Articles
No related articles were found.
Attachments
No attachments were found.
Visitor Comments