On Thu, 26 Mar 2009 22:19:13 +0200
Nikos Chantziaras rea...@arcor.de wrote:
Alan McKinnon wrote:
You mentioned elsewhere in the thread web server
If that's the case, I'd be telling the hosting provider that 2004 called
and
they want their minutes back. Then I'd be looking for a different hosting
provider.
If indeed they're running off 2004 software, I would be interested to
know how many times people are defacing (or worse) sites hosted there :P
If the server itself is http-backend (with ssh forwarded, too), located
in dmz, what's the big deal?
You can have latest and fairly secure apache/lighttpd/nginx/whatever
out there, and, provided there are no holes in your scripts, the setup
should be fairly secure.
And that's probably most used line-of-defence on any web, since there's
nothing more important for webserver than scripts - if you have www, you
pretty much have it all.
--
Mike Kazantsev // fraggod.net
signature.asc
Description: PGP signature