Security Alert

Jaspal

I have managed to installed PHP ( for the 5th time )on my system with Mysql.

I keep getting this message, I have looked at the php.ini file.

I downloaded the latest version of php. So I took the php.ini-recommended file and renamed it to php.ini and placed it in the windows directory.

But it still keeps on showing.

I have set my PWS to excute the scripts under PHP.

I have pasted a portion of php.ini for someone to check and see --where I am going wrong.

---error message

Security Alert! The PHP CGI cannot be accessed directly.
This PHP CGI binary was compiled with force-cgi-redirect enabled. This means that a page will only be served up if the REDIRECT_STATUS CGI variable is set, e.g. via an Apache Action directive.

For more information as to why this behaviour exists, see the manual page for CGI security.

For more information about changing this behaviour or re-enabling this webserver, consult the installation file that came with this distribution, or visit the manual page.

---error message

-------------php.ini
;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
;;;;;;;;;;;;;;;;;;;;;;;;;

; UNIX: "/path1:/path2"

;include_path = ".:/php/includes"
;
; Windows: "\path1;\path2"
;include_path = ".;c:\php\includes"

; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
; if you are running php as a CGI under any web server (other than IIS)
; see documentation for security issues. The alternate is to use the
; cgi.force_redirect configuration below
doc_root ="C:\Inetpub\wwwroot"

NOTE--I have tried it with and without the wwwroot directory

; The directory under which PHP opens the script using /~usernamem used only
; if nonempty.
user_dir =

; Directory in which the loadable extensions (modules) reside.
extension_dir = C:\PHP\extensions\

; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
; disabled on them.
enable_dl = On

; cgi.force_redirect is necessary to provide security running PHP as a CGI under
; most web servers. Left undefined, PHP turns this on by default. You can
; turn it off here AT YOUR OWN RISK
; You CAN safely turn this off for IIS, in fact, you MUST.
; cgi.force_redirect =1

; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
; will look for to know it is OK to continue execution. Setting this variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
; cgi.redirect_status_env =;

-------------php.ini