Security Alert! The PHP CGI cannot be accessed directly

I have setup php 5.3.5 on IIS7 web server but when try to check the php info page it is throwing error
 

HTTP Error 502.2 - Bad Gateway

The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are "<b>Security Alert!</b> The PHP CGI cannot be accessed directly. <p>This PHP CGI binary was compiled with force-cgi-redirect enabled. This means that a page will only be served up if the REDIRECT_STATUS CGI variable is set, e.g. via an Apache Action directive.</p> <p>For more information as to <i>why</i> this behaviour exists, see the <a href="http://php.net/security.cgi-bin">manual page for CGI security</a>.</p> <p>For more information about changing this behaviour or re-enabling this webserver, consult the installation file that came with this distribution, or visit <a href="http://php.net/install.windows">the manual page</a>.</p> ".

 

<quote from="php.ini">
; cgi.force_redirect is necessary to provide security running PHP as a CGI under
; most web servers. Left undefined, PHP turns this on by default. You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
; cgi.force_redirect = 1
cgi.force_redirect = 0

; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape 
; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
; will look for to know it is OK to continue execution. Setting this variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
; cgi.redirect_status_env = ;
</quote>

you have to set a env too like

cgi.redirect_status_env ="yes";

if it works? tell me?

HC use old_password mechanism for mysql db. We already tried 5.3.x version but click apps wasnot working.
Is there any option where we could configure PHP 5.3.5 to use both Old and new mysql password characters ?

Security Alert! The PHP CGI cannot be accessed directly. Hosting Security and Technology.