Andrew Linehan wrote: > Installed php4.2 over previous install as administrator - no problems. > Logged on under different user got this: > > Security Alert! PHP CGI cannot be accessed directly. > This PHP CGI binary was compiled with force-cgi-redirect enabled. This > means that a page will only be served up if the REDIRECT_STATUS CGI > variable is set. This variable is set, for example, by Apache's Action > directive redirect. > > You may disable this restriction by recompiling the PHP binary with > the --disable-force-cgi-redirect switch. If you do this and you have your > PHP CGI binary accessible somewhere in your web tree, people will be able > to circumvent .htaccess security by loading files through the PHP parser. > A good way around this is to define doc_root in your php.ini file to > something other than your top-level DOCUMENT_ROOT. This way you can > separate the part of your web space which uses PHP from the normal part > using .htaccess security. If you do not have any .htaccess restrictions > anywhere on your site you can leave doc_root undefined. If you are running > IIS, you may safely set cgi.force_redirect=0 in php.ini. > > Set force_redirect=0 in php.ini - no change, checked and corrected > security > permissions - no change. Do not use .htaccess security. > > Need help badly, pleeeeeze. hi, you get this security warning because you use a windows platform just open up "php.ini" and find the line cgi_force_redirect=0 (uncomment if necessary) otherwise it doesn't take any effect if you use microsoft iis you have to disable this edit php.ini and all will work fine
regards Erik -- PHP Install Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
