Security for webserver behind router?
Eilko Bos
tafkam at brasapen.org
Thu Jan 20 03:07:33 PST 2005
>From the keyboard of Ted Mittelstaedt, written on Wed, Jan 19, 2005 at 11:25:00PM -0800:
> > I am running Apache 1.3.33, as you suggest I should. You say
> > "as long as
> > Apache is secure"; what should I do to be sure that Apache is secure?
> >
>
> Nothing, you nor nobody can do this. All you can do is subscribe to
> the Apache mailing list and if someone discovers a hole in Apache
> at some point in the future, then you can immediately patch your
> installation with the inevitable patch that will shortly follow.
Don't forget that Apache's nature is offering content. What about unsafe
PHP/CGI-scripts? You can secure Apache, but that doesn't help when your
webapplication is a big hole to your system.
Just my 0.2$c
Grtz,
--
Eilko.
More information about the freebsd-questions
mailing list