Security for webserver behind router?
Jay O'Brien
jayobrien at att.net
Wed Jan 19 22:05:42 PST 2005
Anthony Atkielski wrote:
> Jay O'Brien writes:
>
> JOB> Thanks, but what I want to know is what risk I have with port 80,
> JOB> and only port 80 open.
>
> The risk depends on Apache, since that's the daemon answering the phone
> when someone calls in on port 80.
>
> Just make sure you're using the latest version of Apache (1.3.33, if you
> want the 1.x version, or 2.0.52, if you want the 2.x version). Some
> earlier versions are vulnerable. As long as Apache is secure, port 80
> can be open.
>
I am running Apache 1.3.33, as you suggest I should. You say "as long as
Apache is secure"; what should I do to be sure that Apache is secure?
If there isn't a security risk with the FreeBSD system I've described,
maybe this question belongs on the Apache mailing list, not here?
Jay
More information about the freebsd-questions
mailing list