Hello, I'm about to go production with our mod_ssl web site. We are using the following:
Web server in the DMZ Solaris 2.8/ Netra with 128Mb ram mod_ssl-2.8.5-1.3.22 openssl-0.9.6b chroot'd Apache 1.3.22 (mod_coldfusion) (mod_rewrite) Coldfusion 5.0 in distributed mode (cfremote) (Basically all gif, pdf html content local, but all .cfm content is located and processed on the coldfusion server behind the firewall) esign global cct. Corperate Network (behind the firewall) Solaris 2.8 / Dual proc Sun 250 with 2gb memory Coldfusion 5.0 server. Data bases, etc. I'm no guru when it comes to ssl so I'm wondering if some of you could run your eyes over my httpd.conf file with the following things in mind 1 - Most of our clients will be using MSIE 5.0+ 2 - Most will be external users 3 - I'm interested in mistake I've made in relation to security settings 4 - Mistakes that may have caused issues with performance and reliability 5 - Note I have commented out the Rewite directives because the server tells me that I have misspelled it. Cannot understand it. Any ideas??? I did compile with rewrite option enabled) 6 - Anyone got a test plan I can use? 7 - Any comments on cfdist and cfremote? Thanks. -- regards, Christopher Welsh System Administrator, Voice:+61 03 52262385 Barwon Water, Geelong, Mobile: 0409 562968 3220, Vic, Australia Fax: +61 03 52210094 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]