|
Click to See Complete Forum and Search --> : newbie security questions JoeyJoeJo 12-04-2002, 11:11 PM i want to use apache to host a page. I was just wondering if this leaves a back door open. Should I configure RH's firewall, or will that prevent people from seeing the site? Also, does apache allow perl scripts and the like? Thanks for the help oseespcs.com 12-06-2002, 12:08 AM (A1)Just to Let you know, Apache Is one of the Best Web Server Out there ( I have to say 1 Oh the best or some one some where will Say something) But It will do Perl, And CGI, and All That you can think of... (A2) When you start a web server and let people know about it that is a hole its self. But if you make sure you are using the most up-to-date Ver. of Apache You should be fine. And If you would like to set up a firewall you can just make sure that port 80 is open for web request. ;) Hubbe 12-09-2002, 03:08 PM Originally posted by oseespcs.com (A1)Just to Let you know, Apache Is one of the Best Web Server Out there ( I have to say 1 Oh the best or some one some where will Say something) But It will do Perl, And CGI, and All That you can think of... The best perhaps mut not entirely safe.....depending on what apache and distro you are using.....it always leaves something open when connected to the internet.....never 100% secure....i got a couple month ago a linux slapper worm just because i had apache open to the internet. it came thru a bug that was in the open ssl ....luckyly it didin't do any damage because i noticed it quite quickly.... an update is awailable now :) so not even linux is safe :( unixtool 12-09-2002, 03:32 PM Apache as a whole is secure. But when you don't take the time to harden your box or take precautions bad things "CAN" happen. Simple lessons when running ANYTHING on Linux: 1) Make sure to read all the eratta and help files. 2) Check CERT or other advisory pages about the software your installing 3) Repeat step 2 regularly 4) Have fun. As with anything, there are always risks. Walk outside your house and you have a 1% chance of dying. Get in your car, you up that to 40%. Running a webserver, 50/50 chance something will happen. If your running a simple webserver and don't need all the bells and whistles, configure your server from a minamalist point of view. If perl is in your future, don't compile it now and wait until its needed. If you don't plan on using CGI, don't compile it. If you want to have people download things, use a chrooted environ, etc. Take precautions, listen to the guru's, and have fun. HTH oseespcs.com 12-09-2002, 06:39 PM Originally posted by Hubbe i got a couple month ago a linux slapper worm just because i had apache open to the internet. it came thru a bug that was in the open ssl .... As you said it was open ssl Not Apache justlinux.com
Copyright Internet.com Inc. All Rights Reserved. |
|