Hello,
Arthur Guy wrote:
Isn't it possible to compress images any further?
Try to compress 100Mb of JPEG pictures and see for yourself.
I guess I am not really sure what I am asking when it comes to security, I
have setup an apache server running parallel to my current IIS server but on
port 8080.
I want to switch them over but I would like to be sure that the instillation
is secure, are there any problems with apache that I need to be worried
about? Are there any patches / configuration setups that need to be applied?
What's the point in releasing stable versions if they need to be patched
further...
No, there isn't. Security issues raise from insecure (php, perl, ...)
scripts and wrong permissions. If you merely deliver HTML files, and
process nothing server-side (such as cgi or aforementioned scripts) then
there is not much to do. It depends a lot on the distribution you use,
too. But this list is no place for distro flames.
Arthur
[EMAIL PROTECTED]
-----Original Message-----
From: Nick Kew [mailto:[EMAIL PROTECTED]
Sent: 25 June 2005 22:42
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Compression and Security
Arthur Guy wrote:
Does gzip compression and browser decompression support images or is it
just
html and text?
Irrelevant. Web image formats are already compressed. You should also
avoid compressing some other formats (such as PDF) or a certain
crippled browser will refuse to display them.
Is the name mod_security correct, searching for it in the documentation
doesn't return anything?
It's a third-party module. But it's not really required for Apache
in the sense of IIS. We don't have a long history of devastating bugs
like CodeRed and Nimda (despite having three times MS's market share).
mod_security protects vulnerable applications rather than the server
itself.
--
Jean-Christophe Montigny
Responsable Commission Web, Association Planètes
Responsable serveurs assoces.com, Association Planètes
Etudiant de deuxième année à Grenoble Ecole de Management
Majeure Conseil en Organisation des Systèmes d'Information
begin:vcard
fn:Jean-Christophe Montigny
n:Montigny;Jean-Christophe
org;quoted-printable:Association [EMAIL PROTECTED]
adr;quoted-printable:;;12, rue Pierre S=C3=A9mard;Grenoble;FR;38000;France
email;internet:[EMAIL PROTECTED]
title:Responsable Com Web
x-mozilla-html:FALSE
url:http://planetes.assoces.com/
version:2.1
end:vcard
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]