Re: Apache 1.3.33 strange log entry

From: Gerald Vogt (vogt_at_spamcop.net)
Date: 03/01/05 

Date: Tue, 01 Mar 2005 20:32:22 +0900

stefanPL wrote:
> Thanks for an answer, but I don't know how to do that, I run Apache in
> default configuration that comes with the installer. I am not a server
> administrator, so maybe you will tell me which module to unload or sth.
> :>

If you are not a server administrator you should not run a server. I am
sorry but what you are doing is simply irresponsible. You run a server
you don't know and don't understand. If you run a server you are the
administrator. You must know your server and how to configure it. That
is your task. If you don't know ask someone for help who knows it or get
a Webhoster. Never ever run anything just in default configuration as
unfortunately the default configuration is unsafe in most cases: this is
true for Windows where you will have a virus/worm within minutes, for
NAT "firewall" routers which can be so easily exploited to relay spams
for example, for any service or server which can be easily reconfigured.
But it is the user's fault to do so.

I usually edit apache config files with a text editor and thus have no
idea what the installer might have setup as default configuration file.
So it's hard to tell what you have to do without seeing the actual
thing. Unloading a module won't do. Remove _ALL_ modules first and then
go through the list and see which ones you actually need. Go through the
configuration description of the modules you include to see what they
do. Close as much as possible, use "deny all" restriction and then grant
access only to the smallest parts where you actually need them. I know
in particular php configuration is tough to do really safe, but that's
the way how you'll learn it. You are the server administrator. It is
_your_ responsibility to configure the server safely. It is your
responsibility to know your server and to check it frequently for any
problems or exploits.

I really hate those people that just run some server for whatever
unimportant reason it maybe, that are totally clueless and whose servers
are exploited in the end by rogues to spread spams, illegal music, porn
or worse.

Gerald

Relevant Pages

  • Re: SBS SP 1 installation error
    ... Component Name: Microsoft Exchange Forest Preparation ... Component Name: Server Configuration ... Component Name: Windows Server 2003 Configuration ... Component Name: Networking Configuration ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Misconfigured?
    ... The netgear has a setting for the Internet IP which is set to the ... DNS server address is set to SBS server's ip 192.168.5.109 ... but something else is clearly awry if you can't get DHCP ... Which, based on the configuration you gave, is part of the problem. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Misconfigured?
    ... The netgear has a setting for the Internet IP which is set to the ... DNS server address is set to SBS server's ip 192.168.5.109 ... DHCP working - and as Cliff says, that should be a simple thing. ... Which, based on the configuration you gave, is part of the problem. ...
    (microsoft.public.windows.server.sbs)
  • RE: ceicw fails every time
    ... I'd like confirming CEICW steps with you to ensure there is not problem ... You have to rerun the CEICW to make sure your SBS 2003 server have right ... On the "Services Configuration" page, select all the items and then ... Calling CCertCommit::ValidatePropertyBag ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Misconfigured?
    ... The netgear has a setting for the Internet IP which is set to the ... DNS server address is set to SBS server's ip 192.168.5.109 ... but something else is clearly awry if you can't get DHCP ... Which, based on the configuration you gave, is part of the problem. ...
    (microsoft.public.windows.server.sbs)