>
> The point is that Apache is less prone to attack for some reason. Better
> initial coding possibly with fewer holes ?? With Apache there are seldom
> fixes going out since the initial code was written with security in mind.
>
> Rarely is it necessary to upgrade or patch for a security fix a
On Thu, 15 Aug 2002, $Bill Luebkert wrote:
> Sisyphus wrote:
> > Hi,
> > Is Apache now considered to be secure in a production environment on Windows
> > ?
> >
> > 12 months ago it wasn't.
> >
> > Sorry it's an OT thread it's already long enough I haven't
> > been following it
On Thu, 15 Aug 2002, Brian Steele wrote:
> The only problem with this analysis is that, based on the info I'm getting
> on my security lists these days, MORE bugs are being found now with
> open-source software than with MS software.
>
> It's just basic probability in action:
>
> New versions
On Thu, 15 Aug 2002, $Bill Luebkert wrote:
> Brian Steele wrote:
> > Answers:
> >
> > 1. The reason why more IIS servers have been compromised than Apache servers
> > has more to do with administration ignorance rather than anything else IMO.
> > Ex: Nimda - MS had the fix out before Nimda arrive
On Thu, 15 Aug 2002, $Bill Luebkert wrote:
> Brian Steele wrote:
> > Well lessee, choosing between one that automatically uses file association,
> > and one that offers it as a configurable option (the result being that
> > you'll find it enabled on some servers but not on others - great for
> >
> * The illusion that Windows is easy to configure. People
> think that you
> don't need to know so much to configure Windows. This is wrong. The
> complexity is there, but you don't see it, and you don't
> control it. When
> you don't know Unix, you can pretty much feel you're not the
> kin
Sisyphus wrote:
> Hi,
> Is Apache now considered to be secure in a production environment on Windows
> ?
>
> 12 months ago it wasn't.
>
> Sorry it's an OT thread it's already long enough I haven't
> been following it the answer to my question has probably already been
> given
le
search on +Apache +exploit +root +access and you'd see what I mean :-).
Brian
- Original Message -
From: "$Bill Luebkert" <[EMAIL PROTECTED]>
To: "Perl Users" <[EMAIL PROTECTED]>
Sent: Thursday, August 15, 2002 10:22 PM
Subject: Re: Getting cg
Alias ' in httpd.conf.
Cheers,
Scot R.
inSite
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Brian Steele
Sent: Thursday, August 15, 2002 4:29 PM
To: Perl Users
Subject: Re: Getting cgis to
Users" <[EMAIL PROTECTED]>
Sent: Thursday, August 15, 2002 3:33 PM
Subject: Re: Getting cgis to work
> Scot Robnett wrote:
> > On Windows, the shebang
line
> > is almost a frivolity - as long as the script has a .pl or .cgi
exten
t
Sent: Thursday, August 15, 2002 2:34 PM
To: Perl Users
Subject: Re: Getting cgis to work
Scot Robnett wrote:
> On Windows, the shebang
line
> is almost a frivolity - as long as the script has a .pl or .cgi extension
> (and you have .cgi ass
I believe that PWS requires that you place all CGIs in its own scripts
directory, unless you explicitly set your preferences otherwise. As long as
the scripts are in the correct place and PWS is running, chances are that
your 500 errors are a result of something else. On Windows, the shebang line
12 matches
Mail list logo
