Apache > HTTP Server > Documentation > Version 2.4 > Modules

Apache Module mod_cgi

Available Languages:  en  |  fr  |  ja  |  ko 

Description:Execution of CGI scripts
Module Identifier:cgi_module
Source File:mod_cgi.c


Any file that has the handler cgi-script will be treated as a CGI script, and run by the server, with its output being returned to the client. Files acquire this handler either by having a name containing an extension defined by the AddHandler directive, or by being in a ScriptAlias directory.

For an introduction to using CGI scripts with Apache, see our tutorial on Dynamic Content With CGI.

When using a multi-threaded MPM under unix, the module mod_cgid should be used in place of this module. At the user level, the two modules are essentially identical.

For backward-compatibility, the cgi-script handler will also be activated for any file with the mime-type application/x-httpd-cgi. The use of the magic mime-type is deprecated.

Support Apache!



Bugfix checklist

See also


CGI Environment variables

The server will set the CGI environment variables as described in the CGI specification, with the following provisions:

This will not be available if the AcceptPathInfo directive is explicitly set to off. The default behavior, if AcceptPathInfo is not given, is that mod_cgi will accept path info (trailing /more/path/info following the script filename in the URI), while the core server will return a 404 NOT FOUND error for requests with additional path info. Omitting the AcceptPathInfo directive has the same effect as setting it On for mod_cgi requests.
This will only be set if HostnameLookups is set to on (it is off by default), and if a reverse DNS lookup of the accessing host's address indeed finds a host name.
This will only be set if IdentityCheck is set to on and the accessing host supports the ident protocol. Note that the contents of this variable cannot be relied upon because it can easily be faked, and if there is a proxy between the client and the server, it is usually totally useless.
This will only be set if the CGI script is subject to authentication.

This module also leverages the core functions ap_add_common_vars and ap_add_cgi_vars to add environment variables like:

Set with the content of the related DocumentRoot directive.
The fully qualified domain name related to the request.
The IP address of the Virtual Host serving the request.
Set with the content of the related ServerAdmin directive.

For an exhaustive list it is suggested to write a basic CGI script that dumps all the environment variables passed by Apache in a convenient format.


CGI Debugging

Debugging CGI scripts has traditionally been difficult, mainly because it has not been possible to study the output (standard output and error) for scripts which are failing to run properly. These directives provide more detailed logging of errors when they occur.

CGI Logfile Format

When configured, the CGI error log logs any CGI which does not execute properly. Each CGI script which fails to operate causes several lines of information to be logged. The first two lines are always of the format:

%% [time] request-line
%% HTTP-status CGI-script-filename

If the error is that CGI script cannot be run, the log file will contain an extra two lines:


Alternatively, if the error is the result of the script returning incorrect header information (often due to a bug in the script), the following information is logged:

All HTTP request headers received
POST or PUT entity (if any)
All headers output by the CGI script
CGI standard output
CGI standard error

(The %stdout and %stderr parts may be missing if the script did not output anything on standard output or standard error).


CGIScriptTimeout Directive

Description:The length of time to wait for more output from the CGI program
Syntax:CGIScriptTimeout time[s|ms]
Default:value of Timeout directive when unset
Context:server config, virtual host, directory, .htaccess
Compatibility:Available in version 2.4.59 and later.

This directive limits the length of time to wait for more output from the CGI program. If the time is exceeded, the request and CGI are terminated.


CGIScriptTimeout 20

ScriptLog Directive

Description:Location of the CGI script error logfile
Syntax:ScriptLog file-path
Context:server config, virtual host
Module:mod_cgi, mod_cgid

The ScriptLog directive sets the CGI script error logfile. If no ScriptLog is given, no error log is created. If given, any CGI errors are logged into the filename given as argument. If this is a relative file or path it is taken relative to the ServerRoot.


ScriptLog logs/cgi_log

This log will be opened as the user the child processes run as, i.e. the user specified in the main User directive. This means that either the directory the script log is in needs to be writable by that user or the file needs to be manually created and set to be writable by that user. If you place the script log in your main logs directory, do NOT change the directory permissions to make it writable by the user the child processes run as.

Note that script logging is meant to be a debugging feature when writing CGI scripts, and is not meant to be activated continuously on running servers. It is not optimized for speed or efficiency, and may have security problems if used in a manner other than that for which it was designed.


ScriptLogBuffer Directive

Description:Maximum amount of PUT or POST requests that will be recorded in the scriptlog
Syntax:ScriptLogBuffer bytes
Default:ScriptLogBuffer 1024
Context:server config, virtual host
Module:mod_cgi, mod_cgid

The size of any PUT or POST entity body that is logged to the file is limited, to prevent the log file growing too big too quickly if large bodies are being received. By default, up to 1024 bytes are logged, but this can be changed with this directive.


ScriptLogLength Directive

Description:Size limit of the CGI script logfile
Syntax:ScriptLogLength bytes
Default:ScriptLogLength 10385760
Context:server config, virtual host
Module:mod_cgi, mod_cgid

ScriptLogLength can be used to limit the size of the CGI script logfile. Since the logfile logs a lot of information per CGI error (all request headers, all script output) it can grow to be a big file. To prevent problems due to unbounded growth, this directive can be used to set an maximum file-size for the CGI logfile. If the file exceeds this size, no more information will be written to it.

Available Languages:  en  |  fr  |  ja  |  ko 



This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our mailing lists.