Date: Mon, 12 Apr 2004 11:28:29 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: "Michael A. Alestock" <michaela@maa-net.net> Cc: questions@freebsd.org Subject: Re: apache13-modssl Message-ID: <20040412102829.GB7692@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20040412095020.M76613@maa-net.net> References: <20040412095020.M76613@maa-net.net>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
On Mon, Apr 12, 2004 at 05:55:11AM -0500, Michael A. Alestock wrote:
> I recently uninstalled the Apache2 port to be able to use the Apache13-modssl port for SSL pages.
>
> However, I had a friend tell me that Apache13-modssl is alot less secure than Apache2.
>
> Is there a modssl for Apache2 that I could use/install so it's more secure than Apache13-modssl??
Your friend is being unnecessarily alarmist. apache2 is not
significantly different to apache13 in security terms. However, it is
(I think) still a bit bigger and slower than apache13, plus support
for all of the vast panoply of add-on modules etc. is yet to appear.
However, apache2 works very well, and has some extra functionality
(like improved IPv6 support and better threading) which may make it
the preferrred choice at some sites.
One of the extra bits of functionality in apache2 is that mod_ssl has
now been rolled into the base distribution. All you need to do is
enable the SSL functionality by editing the configuration files, and
get yourself a suitable server key and certificate.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAem9MdtESqEQa7a0RAq+EAJ9DNKwoZ/F1+elWWzKP68ePt/zvLQCfZZVu
Dti6c0Xza7wNvte66NYul6E=
=YM1V
-----END PGP SIGNATURE-----
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040412102829.GB7692>