David Guest wrote: > Tim Churches wrote: >> One does need to be very careful with Apache (or other fully-fledged Web >> servers - IIS is even worse) - a minor and seemingly inconspicuous >> change to the config file can expose a lot on your system. For example, >> a lot of Apache installations come with mod_dav, which allows various >> applications to write files on the Web server via the DAV protocol (over >> HTTP) - that needs to be VERY carefully configured indeed... better to >> disable it. Anyway, there are heaps of tutorials out there on how to >> secure Apache - default Apache installations only tend to be moderately >> secure - but if you allow HTTP through your firewall as David wants to >> do, you want your Apache configuration to be VERY, VERY secure, I would >> think. >> > Like the Russians at Kursk I am practising defense in depth. [1]
As long as you don't end up like the Russians in the Kursk practising defence at depth. [2] Tim C [1] http://en.wikipedia.org/wiki/Battle_of_Kursk [2] http://en.wikipedia.org/wiki/Russian_submarine_Kursk _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
