Common Gateway Interface

The Common Gateway Interface (CGI ) is a standard for exchanging data between a Web server and third software that handled the requests. CGI is to make a long established variant, web pages dynamically and interactively, go back to their initial thoughts on the year 1993.

Operation

A Web server that supports CGI, represents the external software a run -time environment, which consists in particular of the following:

Benefits

Instead of loading only static pages from a web server that are there as a resource, it is with CGI also possible to generate HTML pages dynamically. This must at the time of request do not exist on the server, but can be generated by the CGI program.

In addition, CGI programs can be written in many programming languages ​​, as the requirements do not go beyond the Above mentioned.

Disadvantages

A disadvantage of the CGI execution is their relatively low speed, since for each CGI call a new process is executed. On high-traffic sites, CGI will now therefore no longer used so often because even approaches such as FastCGI, which abolishes certain disadvantages of CGI, at least could not prevail on a broad front.

To address this problem, there are now, for example, for the Apache web server modules that the interpreter for various scripting languages ​​(eg Perl mod_perl, mod_python for Python, etc. ) can be included directly into the web server process. This is only loaded once when the web server, rather than with each new request. Another, often more efficient way is to run as external processes, the programs and those to pass the requests of the browser via FastCGI. Here, unlike in the integration as an Apache module, not just the interpreter of the language run permanently be left, and the application itself can be loaded all the time and so process incoming requests more efficiently.

Security

That program, which has created a third party can be executed on the web server, is relevant to safety in the highest degree. Therefore, make sure that any running via CGI program is allowed to perform only certain, limited types of program routines ( eg, no deleting files of the web server, etc.). In the Apache web server to run CGI programs is secured with the help of the module suexec against such cracker attacks that the intrusion as the root user to the destination. The security measures are built in several stages and so strict that many server administrators have started to let other server-side languages ​​run on CGI.

Other server-side technologies

• FastCGI
• SCGI
• Servlet

• Active Server Pages (ASP)
• ASP.NET
• ColdFusion
• JSP
• PHP
• Server Side Includes ( SSI)