---
title: "Disable default cPanel guestbook CGI script"
description: "In this article we'll discuss the built-in guestbook.cgi script that is available from cPanel, and how to disable it in case it is causing your website to fail a PCI compliance scan. If you happened..."
url: https://www.inmotionhosting.com/support/edu/cpanel/disable-cpanel-guestbook-cgi-script/
date: 2012-11-07
modified: 2023-10-09
author: "InMotion Hosting Contributor"
categories: ["cPanel"]
type: post
lang: en
---

# Disable default cPanel guestbook CGI script

In this article we’ll discuss the built-in **guestbook.cgi** script that is available from cPanel, and how to disable it in case it is causing your website to fail a PCI compliance scan. If you happened to have read our previous article on [how to pass PCI compliance scans](/support/security/how-to-pass-pci-scans/), the cPanel **/cgi-sys/guestbook.cgi** script is a common test that will cause a PCI scan to fail for your website.

Disabling the cPanel **guestbook.cgi** script requires two steps, first accessing the **Feature Manager** in WHM (Web Host Manager) with [root access](/support/server/ssh/root-access-faq/) already being setup on your server to disable the feature showing up in cPanel so a user doesn’t try to install it and ends up with an error. Then you need to [login to your server via SSH](/support/server/ssh/how-to-login-ssh/) as the root user to modify your Apache configuration to prevent the script from being accessible.

You can follow the steps below in order to disable this script so that you can pass a PCI scan that is failing your website for having it enabled.

1. [Log into WHM](/support/edu/whm/log-into-whm/).
2. In the **Find** box type in **feature**, then click on **Feature Manager**. [![whm-click-on-feature-manager](https://www.inmotionhosting.com/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-click-on-feature-manager.png)](/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-click-on-feature-manager.png)
3. Under the **Edit a Feature List** drop-down, leave **default** selected, then click on **Edit**. [![whm-feature-manager-click-on-edit](https://www.inmotionhosting.com/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-feature-manager-click-on-edit.png)](/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-feature-manager-click-on-edit.png)
4. Scroll down the page and un-check **Simple Guestbook**, then click on **Save** at the bottom of the page. [![whm-feature-manager-uncheck-guestbook-click-save](https://www.inmotionhosting.com/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-feature-manager-uncheck-guestbook-click-save.png)](/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-feature-manager-uncheck-guestbook-click-save.png)
5. You should now see that the **default** feature list was saved. [![whm-feature-manager-saved](https://www.inmotionhosting.com/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-feature-manager-saved.png)](/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_whm-feature-manager-saved.png)
6. Now when viewing the **CGI Center** in cPanel, you’ll notice the **Simple GuestBook** link is no longer available. [![cpanel-cgi-center-minus-guestbook](https://www.inmotionhosting.com/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_cpanel-cgi-center-minus-guestbook.png)](/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_cpanel-cgi-center-minus-guestbook.png)
7. Now to disable the script from being accessible [log into your server via SSH](/support/server/ssh/how-to-login-ssh/).
8. Make a copy of your current Apache configuration with the following command: cp -frp /usr/local/apache/conf/httpd.conf{,.backup}
9. Now edit your Apache configuration with your favorite text editor, in this example we are using **vim**. vim /usr/local/apache/conf/httpd.conf Navigate down to your **VirtualHosts** section for your domain which should look like the following: <VirtualHost 123.123.123.123:80> ServerName example.com ServerAlias www.example.com DocumentRoot /home/dummydom/public_html ServerAdmin webmaster@example.com ## User dummydom # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup dummydom dummydom </IfModule> <IfModule !mod_disable_suexec.c> <IfModule !mod_ruid2.c> SuexecUserGroup dummydom dummydom </IfModule> </IfModule> <IfModule mod_ruid2.c> RUidGid dummydom dummydom </IfModule> CustomLog /usr/local/apache/domlogs/example.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." CustomLog /usr/local/apache/domlogs/example.com combined ScriptAlias /cgi-bin/ /home/dummydom/public_html/cgi-bin/ # To customize this VirtualHost use an include file at the following location # Include "/usr/local/apache/conf/userdata/std/2/yourdom/example.com/*.conf" </VirtualHost> You’ll want to uncomment the following line: # Include "/usr/local/apache/conf/userdata/std/2/dummydom/example.com/*.conf" By placing your cursor over the pound symbol **#** and hitting **Delete** on your keyboard: Include "/usr/local/apache/conf/userdata/std/2/dummydom/example.com/*.conf" Now you can save the file by hitting **:** to enter command mode, and then entering in **wq** for **w**rite and **q**uit.
10. Next create the Apache include directory with the following command of course using the paths for your account instead of this example one: mkdir -p /usr/local/apache/conf/userdata/std/2/dummydom/example.com/
11. Now you’ll want to echo the following value into a **disable_cgisys.conf** file inside that directory you just created: echo "ScriptAlias /cgi-sys/ /home/dummydom/public_html/cgi-bin/" > /usr/local/apache/conf/userdata/std/2/dummydom/example.com/disable_cgisys.conf
12. Next rebuild the Apache configuration so that the new include path is built-in with the following command: /scripts/rebuildhttpdconf You should get back the response: Built /usr/local/apache/conf/httpd.conf OK
13. Now you want to restart Apache using the following command: service httpd restart
14. Finally you’ll want to create a symbolic link to handle HTTPS requests as well in case you have an SSL certificate setup on your domain using the following command: ln -s /usr/local/apache/conf/userdata/std/2/dummydom/example.com/disable_cgisys.conf /usr/local/apache/conf/userdata/ssl/2/dummydom/example.com/disable_cgisys.conf The difference above is the **/std/** and **/ssl/** part of the path.
15. Now if you try to view a guestbook page you’ll see it is no longer found: [![guestbook-cgi-not-found](https://www.inmotionhosting.com/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_guestbook-cgi-not-found.png)](/support/wp-content/uploads/2012/11/website_website-troubleshooting_pci-compliance_guestbook-cgi-not-found.png)

So now that the cPanel **guestbook.cgi** script is no longer accessible on the server, you should be able to pass a PCI scan that previously had failed your website for having it accessible. If you run into any other issues in your scan, please note that it is possible to [disable other cPanel features](https://www.inmotionhosting.com/support/edu/cpanel/how-to-disable-cpanel-on-your-dedicated-server/) that might pose potential risks or compliance concerns.
