From owner-freebsd-questions@FreeBSD.ORG  Thu Jan 20 14:57:44 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F3F3116A4CF
	for <questions@freebsd.org>; Thu, 20 Jan 2005 14:57:43 +0000 (GMT)
Received: from web41415.mail.yahoo.com (web41415.mail.yahoo.com
	[66.218.93.81])	by mx1.FreeBSD.org (Postfix) with SMTP id BD07143D1D
	for <questions@freebsd.org>; Thu, 20 Jan 2005 14:57:43 +0000 (GMT)
	(envelope-from davemac11@yahoo.com)
Received: (qmail 30674 invoked by uid 60001); 20 Jan 2005 14:57:43 -0000
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=s1024; d=yahoo.com;
	b=mOVLcbs4wTfJk6unqvlYlNUd8XVCdkQ7DkUmsAeoVAd4EAvH/zu4bjsisDrwz8mQ/pTdX5IQUyn5wiSeq8r0XQmtjMVSBroUaakfUsinhzL7aW/TT59s5ehUj//PUpRIjkmMS9o6lSnpkWJeRvzHqsTvC53tHL4mlFOtakYy3Js=
	;
Message-ID: <20050120145743.30672.qmail@web41415.mail.yahoo.com>
Received: from [168.91.4.66] by web41415.mail.yahoo.com via HTTP;
	Thu, 20 Jan 2005 06:57:43 PST
Date: Thu, 20 Jan 2005 06:57:43 -0800 (PST)
From: Dave McCammon <davemac11@yahoo.com>
To: questions@freebsd.org
In-Reply-To: <20050120110725.GA99151@webmail.home.brasapen.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Subject: Re: Security for webserver behind router?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jan 2005 14:57:44 -0000


--- Eilko Bos <tafkam@brasapen.org> wrote:

> >From the keyboard of Ted Mittelstaedt, written on
> Wed, Jan 19, 2005 at 11:25:00PM -0800:
> > > I am running Apache 1.3.33, as you suggest I
> should. You say
> > > "as long as
> > > Apache is secure"; what should I do to be sure
> that Apache is secure?
> > >
> > 
> > Nothing, you nor nobody can do this.  All you can
> do is subscribe to
> > the Apache mailing list and if someone discovers a
> hole in Apache
> > at some point in the future, then you can
> immediately patch your
> > installation with the inevitable patch that will
> shortly follow.
> 
> Don't forget that Apache's nature is offering
> content. What about unsafe
> PHP/CGI-scripts? You can secure Apache, but that
> doesn't help when your
> webapplication is a big hole to your system.
> 
> Just my 0.2$c
> 
> Grtz,

You can also use usr/ports/www/mod_security to help
secure Apache.


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - 250MB free storage. Do more. Manage less. 
http://info.mail.yahoo.com/mail_250