The cgi_force_redirect is a configuration directive that prevents anyone from calling directly using a URL. There are servers having cgi_force_redirect as off. The configuration directive cgi_force_redirect prevents anyone from calling PHP directly using a URL. It is necessary to provide security to a server running PHP as a CGI under the server.
The below URL is from a server that didn’t implement cgi_force_redirect.
The below code is the example of redirection in apache configuration.
The impact include:-
This vulnerability can be fixed by:-