Hi, Ive recently just had one of my websites hacked on my server I have know Idea how as I thought my server was pretty secure, As I've kept up to date with all the latest patches, switched my tellnet over to SSH, and so forth, my bigest guess is that you have to pass the root password to the machine while logging in over the Web admin pages, this scare me some what. But raises some questions in my mind.
A. is there a way to make the main admin pages work off a different user account, If not why not as it seems like a huge security hole to me. B. Secondly I dont know much about certificates, but Is it possible to issue a client certificate or some sort of certificate so you can limit only certain browsers/users to access that site? and making sure that the link between the server and the client is secure? Thanks Duncan. __________________________________________________ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games http://sports.yahoo.com _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
