Re: Leaner httpd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

--- Joshua Slive <joshua@xxxxxxxx> wrote:

> On 5/15/07, Grant Peel <gpeel@xxxxxxxxxxxxx> wrote:
> 
> > # Dynamic Shared Object (DSO)    Support
> > #LoadModule authn_file_module   
> libexec/apache22/mod_authn_file.so
> > #LoadModule authn_dbm_module   
> libexec/apache22/mod_authn_dbm.so
> > #LoadModule authn_anon_module   
> libexec/apache22/mod_authn_anon.so
> > #LoadModule authn_default_module   
> libexec/apache22/mod_authn_default.so
> > #LoadModule authn_alias_module   
> libexec/apache22/mod_authn_alias.so
> > #LoadModule authz_host_module   
> libexec/apache22/mod_authz_host.so
> > #LoadModule authz_groupfile_module   
> libexec/apache22/mod_authz_groupfile.so
> > #LoadModule authz_user_module   
> libexec/apache22/mod_authz_user.so
> > #LoadModule authz_dbm_module   
> libexec/apache22/mod_authz_dbm.so
> > #LoadModule authz_owner_module   
> libexec/apache22/mod_authz_owner.so
> > #LoadModule authz_default_module   
> libexec/apache22/mod_authz_default.so
> >            As far as I know, we don't use anything
> for database type authentication.    Remove?
> 
> You'll probably want to keep mod_authz_host.
> 
> >
> > LoadModule auth_basic_module   
> libexec/apache22/mod_auth_basic.so
> >         Looks like    this is used for htaccess
> type authentication keep it.
> 
> If you are doing basic auth, then you also need some
> other modules
> from above. See:
> http://httpd.apache.org/docs/2.2/howto/auth.html
> For example, you probably want to keep at least
> mod_authn_file,
> mod_authn_default, mod_authz_user,
> mod_authz_groupfile, and
> mod_authz_default.


If you are running a hosting service you must be
authenticating your clients somehow, even if with just
the basic authentication. Or are you letting any
cracker who guesses the url access the control panel
system for your client's webspace?
[ not likely, no-one is that crazed :) ]

Jaqui


      Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux