Matthew Seaman m.seaman at infracaninophile.co.uk
Mon Apr 12 03:28:34 PDT 2004

On Mon, Apr 12, 2004 at 05:55:11AM -0500, Michael A. Alestock wrote:
> I recently uninstalled the Apache2 port to be able to use the Apache13-modssl port for SSL pages. 
> However, I had a friend tell me that Apache13-modssl is alot less secure than Apache2.
> Is there a modssl for Apache2 that I could use/install so it's more secure than Apache13-modssl??

Your friend is being unnecessarily alarmist.  apache2 is not
significantly different to apache13 in security terms.  However, it is
(I think) still a bit bigger and slower than apache13, plus support
for all of the vast panoply of add-on modules etc. is yet to appear.

However, apache2 works very well, and has some extra functionality
(like improved IPv6 support and better threading) which may make it
the preferrred choice at some sites.

One of the extra bits of functionality in apache2 is that mod_ssl has
now been rolled into the base distribution.  All you need to do is
enable the SSL functionality by editing the configuration files, and
get yourself a suitable server key and certificate.



Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040412/e7947e5a/attachment.bin

More information about the freebsd-questions mailing list