403 Error When Executing PHP in CGI Wrapper Mode

• Ubuntu 10.04 lts,
• Virtualmin 3.89 gpl,
• apache2-suexec-custom (changed "/var/www" to "/home")

When I navigate to mydomain.com the url changes to mydomain.com/cgi-bin and I receive the following error in the browser:

Forbidden. You don’t have permission to access /cgi-bin/ on this server.

and the logged error is

attempt to invoke directory as script: /home/mydomain/cgi-bin/

and my conf:

SuexecUserGroup “#1005” “#1006”
ServerName mydomain.com
ServerAlias www.mydomain.com
ServerAlias webmail.mydomain.com
ServerAlias admin.mydomain.com
DocumentRoot /home/mydomain/public_html
ErrorLog /var/log/virtualmin/mydomain.com_error_log
CustomLog /var/log/virtualmin/mydomain.com_access_log combined
ScriptAlias /cgi-bin/ /home/mydomain/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/mydomain/public_html>
Options -Indexes +IncludesNOEXEC +FollowSymLinks +ExecCGI
allow from all
AllowOverride All
Action application/x-httpd-php5 /cgi-bin/php5.cgi
AddType application/x-httpd-php5 .php5
AddType application/x-httpd-php5 .php

<Directory /home/mydomain/cgi-bin>
allow from all

RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.mydomain.com
RewriteRule ^(.) http://mydomain.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.mydomain.com
RewriteRule ^(.) https://mydomain.com:12321/ [R]
RemoveHandler .php
RemoveHandler .php5


Any ideas on what I’m missing or not doing correctly?

Howdy,

Some web apps don’t handle newer PHP versions well.

You may want to edit $HOME/etc/php.ini, and set “cgi.fix_pathinfo=0”, I suspect that’ll fix the issues you’re running into.

-Eric

Unfortunately this has no effect.

I don’t think this is related to the php apps (Joomla and Wordpress) I’m running but rather has something to do with the way the user is being handled by apache or my conf settings.

Also, I’m not sure if it’s related but when logged in as the user (as opposed to root) I’m able to navigate out of the home directory.

Aside from changing the php execution mode I have made no other changes to the default settings in virtualmin.

Howdy,

If you look in Server Configuration -> Website Options, what is your PHP Execution Mode currently set to?

How did you install Virtualmin – did you by chance use the install.sh script?

Also, if you go into System Settings -> Re-Check Config, does it notice any problems with your setup, or does everything come up clean?

-Eric

Mode is set to CGI wrapper.

I installed via a webmin module following the instructions here:

http://www.patrickjwaters.com/blog/2011-07-13/my-favorite-web-server-setup-ubuntu-server-lamp-webmin-and-virtualmin/3524

Everything is clean except that I haven’t set up quotas.

Hmm, out of curiosity – are you running any live sites at the moment? Or are you just getting started?

If you’re in a position to format and start from scratch – the install.sh script available in the “Download” link above configures everything for you so that you end up with a working system out of the box.

So the process is:

1. Install Ubuntu 10.04

2. Run install.sh

3. Begin setting up your domains

You can also see the Virtualmin manual installation guide here:

http://www.virtualmin.com/documentation/installation/manual

But that’s much more complex than using the automated install, we highly recommend using that install.sh script if it’s an option

-Eric

Thanks. That solved it. Although users can still navigate out of their home directory.

Although users can still navigate out of their home directory.

Yup! That’s normal behavior. There’s some info on that here:

http://www.virtualmin.com/documentation/security/faq