Critical open hole in PHP creates risks


Well-known member
Saw this on WHT yesterday. Glad I'm running in FCGI.

I just received an e-mail from my hosting-provider regarding some PHP security issues. My hosting provider is asking whether I am using PHP5 as CGI-Module ? Is this the case with XF-scripts ?

german language:

in english:
Are you on your own server?


XenForo users can go to : admin.php?tools/phpinfo
And under "Server API" it will say something like: 'CGI/FastCGI'


Well-known member
Is this the case with XF-scripts ?
This has nothing to do with the scripts you are running or XenForo.

It's a matter of your general webserver/PHP config.

As Floris mentioned, you can look it up via XenForo/phpinfo though.

Adam Howard

Well-known member
Thankfully this does not seem to affect any of the sites I visit (including ..... Yes, I tried).