Joshua Slive wrote:
On 5/16/07, Marc Perkel <marc@xxxxxxxxxx> wrote:I was hoping for a more specific answer. If I could have done that I wouldn't be here asking how to do it.Well, your original question was a little like "There's some money missing from my dresser drawer; how do I stop that from happening?" We told you to make sure no robbers get into your house. You then asked us how to do that. Well, given we know nothing about your house, there is nothing we can tell you that wouldn't be trivial: go check the doors to see if they are locked, check for any broken glass around the windows, and make sure you don't give the key to anyone untrustworthy. Translating that into apache-speak: check your logs for anything unusual, check all the dynamic content (php/cgi/etc) for possible vulnerabilities, and make sure that your OS, apache, and scripts are all up-to-date on security patches.If you want more specific help, you'll need to ask a non-trivial question.Joshua. ---------------------------------------------------------------------The official User-To-User support forum of the Apache HTTP Server Project.See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
Also consider other services, such as FTP servers, SSH, SCP, etc. etc. etc.Apache very well may not be to blame, and in my experience, outside of a hole opened by a script in a site, it is quite secure.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|