Andrew M. Bishop <[EMAIL PROTECTED]> wrote: > Joerg Sommer <[EMAIL PROTECTED]> writes: > >> is it possible to bind wwwoffle-port to another interface then the http-port? >> So http-port can listen to an public interface and wwwoffle-port can be >> bound to a secure interface like localhost. This may likewise reduce the >> possibility of and DOS attack. > > No, there is only one option in the configuration file for the > interface to bind. > > I don't see much improvement in security from binding the two to
AFAIK the wwwoffle-port is for controlling wwwoffle, to switch wwwoffle online or offline. If the wwwoffle-port is bounded to the local interface, only a local user could get access on it. So it's much harder to get control about wwwoffle. And I don't know, why this must be a tcp port? Couldn't it be a unix socket? > different interfaces since you can have a DOS attack on either one of > them. Protecting one port like this and not the other is pointless. Yes, you are right.
