> > Sounds like I should cancel my order for WSP 3 and migrate to IIS
> > while I still only have 100 or so sites to switch.
>
> And then spend 3 hours a week making sure you have the latest
> vulnerabilities patched...
Now, I like WebSite, but this isn't really a fair criticism. IIS
vulnerabilities typically only affect you when you haven't properly set it
up in the first place. For example, lots of them depend on ISAPI mappings
that no one is using. If they're not being used, they shouldn't be left in
place! There are plenty of sources for information on properly configuring
IIS.
Also, just because more IIS vulnerabilities are publicly known, doesn't mean
that IIS is inherently less secure than WebSite. There are simply fewer
people poking into WebSite looking for vulnerabilities, since there are
fewer people using WebSite.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
