Using Perl CGI-Hooks on a Dreamhost server

software development

#1

Hi all,

I was curious wether there is a way to get the following script working.
It works for every server tested but not for Dreamhost.
Is it possible to get it working or was choosing Dreamhost just wrong?

#!/usr/bin/perl
use strict;
use warnings;
use File::Slurp;
use CGI;

run();

sub run {
my $logfile = ‘test.txt’;

my $cgi = CGI->new(&hook, $logfile);

print $cgi->header(‘text/html’),
$cgi->start_html,
$cgi->p( ‘Upload done’ ),
$cgi->end_html;
return;
}

sub hook {
my ($filename, $buffer, $bytes_read, $logfile) = @_;
append_file $logfile, \ sprintf("%d: %d\n", time, $bytes_read);
}

The problem is that the CGI->Hook is called after the upload and not like with all other servers during the upload.

I already tried using a newer CGI version (3.48) however that did not fix the Dreamhost bug.

Does anyone know which server settings have to be changed?


#2

Betcha it’s mod_security scanning the uploaded data before it gets passed to the CGI script. Turn off mod_security for this domain (from Manage Domains) and see if that does the trick.


#3

Thanks alot!

I tried to add a .htaccess file with:

SecFilterEngine Off
SecFilterScanPOST Off

However it does not work:

.htaccess: Invalid command ‘SecFilterEngine’, perhaps misspelled or defined by a module not included in the server configuration

.htaccess: Invalid command ‘SecFilterScanPOST’, perhaps misspelled or defined by a module not included in the server configuration

So I tried disabling security2_module by:
SecRuleEngine Off

It causes an error too:

.htaccess: SecRuleEngine not allowed here

Any other ideas?

Does that mean i have to turn off security2_module for all files?


#4

<IfModule mod_security.c> SecFilterScanPOST Off </IfModule>Error?

Maximum Cash Discount on any plan with MAXCASH

How To Install PHP.INI / ionCube on DreamHost


#5

Hi sXi,

thanks for your response.

I tried your code and it does not raise an error.
But also it doesn’t change anything.

I guess there is no mod_security.c module installed but the security2_module.

The security2_module does not support .htaccess filter settings anymore.
I read that changes have to be done in the vhosts.conf using ‘SecRuleEngine Off’ however dreamhost won’t let you edit the vhosts.conf will they?


#6

I believe it’s handled on a per domain basis.

What’s the status of Extra Web Security in Domains > Manage Domains?

Maximum Cash Discount on any plan with MAXCASH

How To Install PHP.INI / ionCube on DreamHost