Cli

Hello,

One of my customers want to use shtml (server side scripting). But when i try’s the page is black.
And on another host its shows the day from today

Can someone help?

Look in /etc/httpd/conf/httpd.conf for the following two lines:

#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml

Uncomment them. Then, for each account that you want to enable SSI on, edit their vhost conf file (/etc/httpd/conf.d/domain.com.conf) and add Options +Includes:

<Directory /home/domainco/domain.com/html>
  AllowOverride AuthConfig FileInfo Options Limit Indexes
  Options +ExecCGI +Includes
</Directory>

Then restart Apache.

it work’s now, but can i set it default enable for all users?

You could probably add:


Options +Includes

To the main httpd.conf file. Check the Apache docs because Apache has specific rules on how overlapping Options directives are merged:
http://httpd.apache.org/docs/2.0/mod/core.html#options
http://httpd.apache.org/docs/2.0/sections.html#mergin

Thanks, it works now :wink:

I really recommand to also set

IncludesNOEXEC

To not able your client to do something like

<pre>
<!–#exec cmd=“cat /etc/passwd” -->
</pre>

well to not allow your client to execute a sh script/binary

Pascal

Then it will like this:

Options +Includes IncludesNOEXEC

?

No only do

+IncludesNOEXEC

For example create an shtml file with :

<!–#config timefmt="%A %d %B %Y" -->
Today is <!–#echo var=“DATE_LOCAL” -->
<br />
<!–#exec cmd=“ls /home/account/public_html/” -->

You’ll then see

Today is Sunday 04 February 2007
[an error occurred while processing this directive]

The Exec is rejected

Pascal

Late response but thanks, yes i got

the date…
[an error occurred while processing this directive]

Thanks, great :wink:

happy to know it works :wink: