Re: Dumb Apache server moves?
From: Jem Berkes (jb@users.pc9.org)
Date: 02/06/03
- Next message: Hanseat: "Re: vsftp"
- Previous message: Amanda Kelley: "Dumb Apache server moves?"
- In reply to: Amanda Kelley: "Dumb Apache server moves?"
- Next in thread: Jem Berkes: "Re: Dumb Apache server moves?"
- Reply: Jem Berkes: "Re: Dumb Apache server moves?"
- Reply: Adam: "Re: Dumb Apache server moves?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Jem Berkes <jb@users.pc9.org> Date: Thu, 06 Feb 2003 19:29:04 GMT
> Just food for thought: What do you think are the most common security
> mistakes regarding configuration of Apache? Not so much security
> flaws, but default configutations / dumb default settings that should
> be changed?
>
> I am sort of new to this but have become the impromptu expert in my
> department. Any thoughts from the Apache world?
Things that briefly flash into my mind. Don't know if they're default.
- Letting untrusted users execute CGI scripts
- Letting untrusted users use .htaccess
- The default CGI demo programs are TROUBLE
-- Jem Berkes http://www.pc-tools.net/ Windows, Linux & UNIX software
- Next message: Hanseat: "Re: vsftp"
- Previous message: Amanda Kelley: "Dumb Apache server moves?"
- In reply to: Amanda Kelley: "Dumb Apache server moves?"
- Next in thread: Jem Berkes: "Re: Dumb Apache server moves?"
- Reply: Jem Berkes: "Re: Dumb Apache server moves?"
- Reply: Adam: "Re: Dumb Apache server moves?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
