Home / server / Questions / 540235
Accepted
Anthony
Asked: 2013-09-20 08:11:16 +0800 CST

Under What Conditions May PHP Server Variables Be Disabled

  • 772

As per the question: "Under What Conditions May PHP Server Variables Be Disabled".

Basically on Shared Hosting I am using I can choose to run my website in 'Apache' or 'CGI' mode. When running in 'CGI' mode the PHP Server Variable 'https' is not available, it simply does not exist where in 'Apache' mode it does.

Would this be a result of Safe Mode? Or something similar? Or would this have to be explicitly disabled in the config of PHP?

That's about it, I have had a lot of trouble trying to find an answer for this.

I am not asking for how they may have their hosting setup, I am asking WHY would certain PHP Variables be disabled, or in this case specifically the HTTPS variable, and would it be as a result of Manual interaction, PHP config, or part of some other 'system' i.e. PHP Safe Mode. Is the HTTPS variable a security risk?

linux

1 Answers

  1. Best Answer

    Refer to the PHP documentation (which you should have read, searched through, or Googled) - specifically this page, which says:

    Some server supplied environment variables are not defined in the current » CGI/1.1 specification. Only the following variables are defined there: AUTH_TYPE, CONTENT_LENGTH, CONTENT_TYPE, GATEWAY_INTERFACE, PATH_INFO, PATH_TRANSLATED, QUERY_STRING, REMOTE_ADDR, REMOTE_HOST, REMOTE_IDENT, REMOTE_USER, REQUEST_METHOD, SCRIPT_NAME, SERVER_NAME, SERVER_PORT, SERVER_PROTOCOL, and SERVER_SOFTWARE. Everything else should be treated as 'vendor extensions'.

    (Emphasis added.)

    Working As Designed.

    • 0