On 21.07.2013 19:39, drago01 wrote:
> On Sun, Jul 21, 2013 at 6:47 PM, Jared K. Smith <jsmith@xxxxxxxxxxxxxxxxx> wrote:
>> On Sat, Jul 20, 2013 at 12:53 PM, Adam Williamson <awilliam@xxxxxxxxxx> wrote:
>>>
>>> I'm not sure if I'm missing anything here, but is it intended that
>>> webapps should not be accessible from anywhere but localhost by default?
>>
>> That's my understanding, yes. It follows from the general understanding
>> that network-accessible daemons (with perhaps the exception of sshd) should
>> not be accessible from outside of localhost by default.
>>
>> Now I'm curious... do you have a particularly strong reason why web apps
>> should be different than any other network daemon?
>
> Because they aren't. The daemon in this case is httpd, not the webapps

but the danger is not an up-to-date httpd
the danger is blindly installed and not properly configured
web-apps on default paths - it takes *minutes* before
the first bot will find your application

what attack should happen to a naked httpd?
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel