> -----Original Message----- > From: Arthur Guy [mailto:arthur@xxxxxxxxxxxxxxxxxxxx] > > Isn't it possible to compress images any further? No. A raw image from a camera or scanner is a bitmap; an array of pixels each of which contains the colour and brilliance information for that pixel. The filesize is huge and independent of the content of the image. You (should!) never use bitmaps on a webpage. All portable images (eg, jpg) compress the bitmap to a mathematically minimal size. You can pass the jpg file through gzip and it will generate a .gz file but it won't make any difference to the size (it just rearranges the bits) and might even make it larger. If you could compress a jpg, then we'd already do this again and again in the jpg-generation, making the file smaller and smaller until it disappeared :-) Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > I guess I am not really sure what I am asking when it comes > to security, I > have setup an apache server running parallel to my current > IIS server but on > port 8080. > I want to switch them over but I would like to be sure that > the instillation > is secure, are there any problems with apache that I need to > be worried > about? Are there any patches / configuration setups that need > to be applied? > > Arthur > > arthur@xxxxxxxxxxxxxxxxxxxx > -----Original Message----- > From: Nick Kew [mailto:nick@xxxxxxxxxxxx] > Sent: 25 June 2005 22:42 > To: users@xxxxxxxxxxxxxxxx > Subject: Re: [users@httpd] Compression and Security > > Arthur Guy wrote: > > Does gzip compression and browser decompression support > images or is it > just > > html and text? > > Irrelevant. Web image formats are already compressed. You > should also > avoid compressing some other formats (such as PDF) or a certain > crippled browser will refuse to display them. > > > Is the name mod_security correct, searching for it in the > documentation > > doesn't return anything? > > It's a third-party module. But it's not really required for Apache > in the sense of IIS. We don't have a long history of devastating bugs > like CodeRed and Nimda (despite having three times MS's market share). > mod_security protects vulnerable applications rather than the server > itself. > > -- > Nick Kew > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > > > 'a star solutions' disclaimer > The information transmitted is intended only for the person > or entity to which it is addressed and may contain > confidential and/or privileged material. > If you are not the intended recipient of this message you are > hereby notified that any use, review, retransmission, > dissemination, distribution, reproduction or any action taken > in reliance upon this message is prohibited. > If you received this in error, please contact the sender and > delete the material from any computer. > Any views expressed in this message are those of the > individual sender and may not necessarily reflect the views > of the company. > We believe that this communication is free from viruses and > other potentially dangerous programmes, but the recipient > opens this communication at their own risk. > We assume no responsibility for any loss or damage arising > from the receipt or use of this communication > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx