Isn't it possible to compress images any further? I guess I am not really sure what I am asking when it comes to security, I have setup an apache server running parallel to my current IIS server but on port 8080. I want to switch them over but I would like to be sure that the instillation is secure, are there any problems with apache that I need to be worried about? Are there any patches / configuration setups that need to be applied? Arthur arthur@xxxxxxxxxxxxxxxxxxxx -----Original Message----- From: Nick Kew [mailto:nick@xxxxxxxxxxxx] Sent: 25 June 2005 22:42 To: users@xxxxxxxxxxxxxxxx Subject: Re: [users@httpd] Compression and Security Arthur Guy wrote: > Does gzip compression and browser decompression support images or is it just > html and text? Irrelevant. Web image formats are already compressed. You should also avoid compressing some other formats (such as PDF) or a certain crippled browser will refuse to display them. > Is the name mod_security correct, searching for it in the documentation > doesn't return anything? It's a third-party module. But it's not really required for Apache in the sense of IIS. We don't have a long history of devastating bugs like CodeRed and Nimda (despite having three times MS's market share). mod_security protects vulnerable applications rather than the server itself. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx 'a star solutions' disclaimer The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the intended recipient of this message you are hereby notified that any use, review, retransmission, dissemination, distribution, reproduction or any action taken in reliance upon this message is prohibited. If you received this in error, please contact the sender and delete the material from any computer. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of the company. We believe that this communication is free from viruses and other potentially dangerous programmes, but the recipient opens this communication at their own risk. We assume no responsibility for any loss or damage arising from the receipt or use of this communication --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|