surabaya web designer
cheap web promotion indonesia
design graphics and online shopping cart
     category      articles    
 

Adsense

Adwords

Article

Blog

CMS

CSS Style

Datacenter

Design Graphics

Flash Animation

Internet Radio

Messenger

Programming

Provider

Search Engine

Security

Security Web

SEF

SEO

Software

Software Web

CGICommandArgs directive

Syntax: CGICommandArgs On|Off
Default: CGICommandArgs On
Context: directory, .htaccess
Override: Options
Status: core
Compatibility: Available in Apache 1.3.24 and later.

Way back when the internet was a safer, more naive place, it was convenient for the server to take a query string that did not contain an '=' sign and to parse and pass it to a CGI program as command line args. For example, <IsIndex> generated searches often work in this way. The default behavior in Apache is to maintain this behavior for backwards compatibility, although it is generally regarded as unsafe practice today. Most CGI programs do not take command line parameters, but among those that do, many are unaware of this method of passing arguments and are therefore vulnerable to malicious clients passing unsafe material in this way. Setting CGICommandArgs Off is recommended to protect such scripts with little loss in functionality.

OTHER ARTICLES

Sendmail using PHP

htaccess Useful

Prevent htaccess From Hack 2

AuthName directive for Apache

AuthDigestRealmSeed directive for Apache

AccessConfig directive for Apache

AuthType directive for Apache

AccessFileName directive for Apache

Passing value from child window to parent

Count how many days