>>> Ragnar Beer wrote
> Howdy everyone!
>
> I will soon have a Zope-site ready to go online. How can I make shure
> that I did everything (concerning Zope) to stop intruders? Where can
> I find information about protecting a Zope-site? Has anyone had
> security problems so far?
Easiest (most brutal?) fix I've found - hide Zope behind an Apache,
and prohibit access to any URLs of the form .*/manage.*
If you don't need to use basic auth to the Zope, then use a rewrite
rule to strip out any Authentication headers in the requests.
Anthony
_______________________________________________
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )