Forum

CGIWrapper does not work after upgrade

Samiux
12 May 2010, 06:31


Hiawatha version: 7.2
Operating System: Ubuntu Server 10.04 LTS

CGIWrapper works flawlessly. However, when I upgraded Ubuntu to 10.04 and Hiawatha to 7.2, it does not work and produces "403 - Forbidden" error message.

Any idea?
Hugo Leisink
12 May 2010, 09:19
The CGI-wrapper works fine here in 7.2, so I think it's some change in Ubuntu that cause the problem.

Is AppArmore enabled? What does the errorlogfile say?
Samiux
12 May 2010, 11:39
The error message is something like "no valid CGIWrapper handler". Yes, Apparmor is implemented.

Now, I disabled CGIWrapper but using Apparmor only. Is it okay or secure enough?
Hugo Leisink
12 May 2010, 12:05
I think AppArmor is blocking access to the CGI-handler for the CGI-wrapper. You should configure AppArmore for the CGI-wrapper.

If it is secure enough depends on the web application. What web application is it you want extra security for?
Samiux
12 May 2010, 12:17
I am running Banshee PHP Framework right now. I think it is secure enough. However, I would like to implement Xataface which is also a PHP framework. I have doubt that if it is secure or not.

For the CGIWrapper, I will test it later when I have spare time.

Thank you.
Hugo Leisink
12 May 2010, 12:19
Yes, the Banshee framework is secure enough . Banshee has built-in protection against SQL injection, XSS and XSRF.

You should only use the CGI-wrapper if you want somebody else to run CGI-scripts on your machine but you're not sure if they're secure enough.
Samiux
12 May 2010, 12:25
Really? Banshee is a great product indeed. However, it needs improvement at the moment. Here is my site [www.debian-inside.com].

I will build another site which will use Xataface as I need a web-based application instead of a CMS.

Thank you.
Samiux
12 May 2010, 17:10
CGIWrapper works flawlessly now.

I found that the settings at hiawatha.conf and cgi-wrapper of php5-cgi are not consistent that cause the "403 - Forbidden" error.

Please amend them accordingly. For your information, please.

Thank you.
This topic has been closed.