Security for webserver behind router?

Eilko Bos tafkam at
Thu Jan 20 03:07:33 PST 2005

>From the keyboard of Ted Mittelstaedt, written on Wed, Jan 19, 2005 at 11:25:00PM -0800:
> > I am running Apache 1.3.33, as you suggest I should. You say
> > "as long as
> > Apache is secure"; what should I do to be sure that Apache is secure?
> >
> Nothing, you nor nobody can do this.  All you can do is subscribe to
> the Apache mailing list and if someone discovers a hole in Apache
> at some point in the future, then you can immediately patch your
> installation with the inevitable patch that will shortly follow.

Don't forget that Apache's nature is offering content. What about unsafe
PHP/CGI-scripts? You can secure Apache, but that doesn't help when your
webapplication is a big hole to your system.

Just my 0.2$c


More information about the freebsd-questions mailing list