-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stéphane Magnenat wrote: > Hello, > >> It is generally advised not to run awstats on a public site. I would >> suggest to login+password protect browser access to awstats. It has a >> quite poor security history! > > Thanks for the information :-) > > Kyle, it's up to you, it's your server. I don't know if it would be very > difficult to use our unified login to access this page (that would require > adding a custom mod to apache security). > > Have a nice day, > > Steph >
I know it has a quite poor security history. I'm currently working on setting up some enhanced security features on my server for extra coolness. ex: to ban bad robots, in my robots.txt file I'm adding a link to a trap file. if they hit it, they get screwed into being blocked permanently from my server. hopefully this will reduce some of the load on it, granted it's not too high right now. other stuff: not to be mentioned as they're super secret :P also, awstats got screwed for this month, and I've spent too much time trying to fix it to no avail and I'm not going to try anymore. if anybody is willing to help me write some scripts to boost security please hit me up in the irc channel. back to computer chores for me, Kyle -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2-ecc0.1.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEcH5JVFIipMnXxfYRAud2AJ9ZkfozvG+ms0pUo3rEbcGUp3rR7QCfeQ52 oj5fJ8en1Skb7MvTcbCruRM= =RskO -----END PGP SIGNATURE----- _______________________________________________ glob2-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/glob2-devel
