From owner-freebsd-questions@FreeBSD.ORG Mon Apr 12 03:28:34 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B542016A4CE for ; Mon, 12 Apr 2004 03:28:34 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0531F43D53 for ; Mon, 12 Apr 2004 03:28:34 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) i3CASTcl057219 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 12 Apr 2004 11:28:29 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id i3CASTSp057218; Mon, 12 Apr 2004 11:28:29 +0100 (BST) (envelope-from matthew) Date: Mon, 12 Apr 2004 11:28:29 +0100 From: Matthew Seaman To: "Michael A. Alestock" Message-ID: <20040412102829.GB7692@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , "Michael A. Alestock" , questions@freebsd.org References: <20040412095020.M76613@maa-net.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="R3G7APHDIzY6R/pk" Content-Disposition: inline In-Reply-To: <20040412095020.M76613@maa-net.net> User-Agent: Mutt/1.5.6i X-Spam-Status: No, hits=-4.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on happy-idiot-talk.infracaninophile.co.uk X-Virus-Scanned: clamd / ClamAV version devel-20040407, clamav-milter version 0.70g cc: questions@freebsd.org Subject: Re: apache13-modssl X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Apr 2004 10:28:34 -0000 --R3G7APHDIzY6R/pk Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 12, 2004 at 05:55:11AM -0500, Michael A. Alestock wrote: > I recently uninstalled the Apache2 port to be able to use the Apache13-mo= dssl port=A0for SSL pages.=A0 >=20 > However, I had a friend tell me that Apache13-modssl is alot less secure = than Apache2. >=20 > Is there a modssl for Apache2 that I could use/install so it's more secur= e than Apache13-modssl?? Your friend is being unnecessarily alarmist. apache2 is not significantly different to apache13 in security terms. However, it is (I think) still a bit bigger and slower than apache13, plus support for all of the vast panoply of add-on modules etc. is yet to appear. However, apache2 works very well, and has some extra functionality (like improved IPv6 support and better threading) which may make it the preferrred choice at some sites. One of the extra bits of functionality in apache2 is that mod_ssl has now been rolled into the base distribution. All you need to do is enable the SSL functionality by editing the configuration files, and get yourself a suitable server key and certificate. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --R3G7APHDIzY6R/pk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAem9MdtESqEQa7a0RAq+EAJ9DNKwoZ/F1+elWWzKP68ePt/zvLQCfZZVu Dti6c0Xza7wNvte66NYul6E= =YM1V -----END PGP SIGNATURE----- --R3G7APHDIzY6R/pk--