On 30 Sep 2010, at 18:23, Igor GaliÄ wrote: > Why not put it in svn in httpd's sandbox? Hadn't 100% decided ... >> http://people.apache.org/~niq/mod_taint.html >> http://people.apache.org/~niq/mod_taint.c > > does it make more sense to use it on a reverse proxy or > on the backend in question? Either of those might find a use for it. Running it on a proxy has the advantage of being the first port of call, so long as nothing bad can come from behind the proxy. I guess that's a similar question to authentication at the proxy. The "what are you protecting against" (malicious vs accidental attack) might be relevant too if you have both internal/trusted and external/untrusted users. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|