Date: Fri, 8 Jun 2001 12:58:04 -0500 From: "Scot W. Hetzel" <hetzels@westbend.net> To: "Peter Brezny" <peter@sysadmin-inc.com>, <freebsd-isp@FreeBSD.ORG> Subject: Re: security and FrontPage 2000 extensions on apache. Message-ID: <02a101c0f044$9173c660$7d7885c0@genroco.com> References: <MFEFLELMIJGKDKPCJHAFOEBGCDAA.peter@sysadmin-inc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
From: "Peter Brezny" <peter@sysadmin-inc.com> > Digging around in the archives, I've found a lot of comments about the > insecure nature of fp extensions, but sometimes not a lot of meat to back up > the arguement. > > I'm running an old 2.2.8 server with fp98 extensions on it. Have the fp2000 > extensions tightened up the security any more? Do they install more easily? > General comments? > The security of the FrontPage extensions mostly rely on how you configure the Apache server. You want to restrict who and from where a user can administer or author a FP enabled web site. Configuration of theses security settings is done thru the FP client, which informs the FP Exts (fpadmin.exe) to create the necessary .htaccess files to restrict users permissions on a web site. Installation of the FP2K Exts (fp40) hasn't changed. Scot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?02a101c0f044$9173c660$7d7885c0>