Re: Most secure web server
- From: Ertugrul Soeylemez <never@xxxxxxxxxxxxxx>
- Date: Wed, 10 Jan 2007 10:58:35 +0100
"Nico" <nkadel@xxxxxxxxx> (07-01-09 00:09:31):
Does anyone have any advice in choosing the most secure web
server possible? Apache is often used, but has many features
which are not needed. Being heavy-weight is more likely to
introduce exploits. What do you think of any alternatives to
apache or am I wrong to think this about Apache?The Apache core
itself is just a simple implementation of HTTP, a
configuration parser, and a server socket (maybe a few more
things). Even multitasking is a separate feature. So take Ken's
advice, and don't load modules for features you don't need.
A lot has been left out: Apache is fully featured: there are tools
available for all sorts of things which you may not need (such as PHP
and MySQL) and for things that are very useful for security (such as
SSL, and local Kerberos authentication). Using a good webserver is not
enough to be secure: I highly recommend goiing over what you need with
someone comfortable with your particular server to walk you through
the booby traps.
You're talking about security and PHP in the same paragraph, and you're
completely missing the point.
Regards,
E.S.
.
- References:
- Most secure web server
- From: Geoff
- Re: Most secure web server
- From: Ertugrul Soeylemez
- Re: Most secure web server
- From: Geoff
- Re: Most secure web server
- From: Nico
- Most secure web server
- Prev by Date: Re: After restarting Destination host unreachable
- Next by Date: colocation security
- Previous by thread: Re: Most secure web server
- Next by thread: port 2967 TCP
- Index(es):
Relevant Pages
|
