Apache Security Tip: Serve php / cgi file using different file type / extension
It is possible to serve .php or .cgi / .pl file using different file type / extension name. This will improve security. For example, server .html as .php file, add following to your httpd.conf or .htaccess file:
# serve .html files as php files
AddType application/x-httpd-php .html
# serve .nix files as cgi files
AddType application/x-httpd-cgi .nix
If you are using Lighttpd web server add following to serve php as .html file:
fastcgi.map-extensions = ( ".html" => ".php" )
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or full RSS feed to get all updates.
You can Email this page to a friend.
You may also be interested in...
- Linux text utilities - an overview of text tools for noobs
- Moving /home data from old system to new Linux system
- UNIX tools for exploring object files - Learn more about your system
- UNIX File maintenance tools, tips and how tos collection
- Join a Windows Domain From Linux / UNIX Computer Using Samba
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: cgi files, change script extension, extension name, htaccess file, html files, html php, httpd, improve security, php files, php html, web server ~ Last updated on: December 3, 2007



“This will improve security. ”
I may be being thick here, but how so?
Security through obscurity? Yeah, you’ll confuse some of the punk element, but that’s about it. And you’re adding a _ton_ of effort if you want to use any mainstream web application.