From owner-freebsd-questions@FreeBSD.ORG  Thu Jan 20 03:23:09 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AD91B16A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 20 Jan 2005 03:23:09 +0000 (GMT)
Received: from smtp9.wanadoo.fr (smtp9.wanadoo.fr [193.252.22.22])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 425D443D55
	for <freebsd-questions@freebsd.org>;
	Thu, 20 Jan 2005 03:23:09 +0000 (GMT)
	(envelope-from atkielski.anthony@wanadoo.fr)
Received: from me-wanadoo.net (localhost [127.0.0.1])
	by mwinf0901.wanadoo.fr (SMTP Server) with ESMTP id E13332001425
	for <freebsd-questions@freebsd.org>;
	Thu, 20 Jan 2005 04:23:07 +0100 (CET)
Received: from pix.atkielski.com (ASt-Lambert-111-2-1-3.w81-50.abo.wanadoo.fr
	[81.50.80.3])
	by mwinf0901.wanadoo.fr (SMTP Server) with ESMTP id C86B02001429
	for <freebsd-questions@freebsd.org>;
	Thu, 20 Jan 2005 04:23:07 +0100 (CET)
X-ME-UUID: 20050120032307821.C86B02001429@mwinf0901.wanadoo.fr
Date: Thu, 20 Jan 2005 04:23:07 +0100
From: Anthony Atkielski <atkielski.anthony@wanadoo.fr>
X-Priority: 3 (Normal)
Message-ID: <1493773909.20050120042307@wanadoo.fr>
To: freebsd-questions@freebsd.org
In-Reply-To: <41EF1C10.2090106@att.net>
References: <41EE0A7B.0@att.net>
 <200501200009.01258.list-freebsd-2004@morbius.sent.com>
 <41EF1C10.2090106@att.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: Security for webserver behind router?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: freebsd-questions@freebsd.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jan 2005 03:23:09 -0000

Jay O'Brien writes:

JOB> Thanks, but what I want to know is what risk I have with port 80,
JOB> and only port 80 open. 

The risk depends on Apache, since that's the daemon answering the phone
when someone calls in on port 80.

Just make sure you're using the latest version of Apache (1.3.33, if you
want the 1.x version, or 2.0.52, if you want the 2.x version).  Some
earlier versions are vulnerable.  As long as Apache is secure, port 80
can be open.

-- 
Anthony