httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Casas, Claudia" <CCa...@utep.edu>
Subject security question
Date Thu, 28 Mar 2002 23:55:06 GMT
Forgive me if this is not the most adequate place for this question, but it
is somehow related to my web accounts in apache.
My linux 7.2 server needs to be accessed through ftp from anyplace 24 hours
a day by using wu-ftp.
 
I already set up my ftp so that each user can login using their account
password and see their homedirs as their root, with no further access (guest
ftp).
I have already taken off any anynomous or real ftp (access to everything in
the system).  I have restricted any telnet access to the accounts as well.
But, I still would like to know if there is anything else I can do to
protect my server. I know that ftp is a security treat. Is there any
resource where I can read about how to bullet proof my server even when
allowing ftp access?? My requirements are that ftp access is essential for
my server. You know, I have clients who think that ftp is easiest program to
use to modify or add their web content. I would really appreciate if you can
recommend me a good book, http address, anything on how to secure my apache
web server and accounts.
 
I read the email about webdav by Saqib Ali. It seems really interesting to
me, especially for my situation. But one question: how easy is for the users
to learn??? Please take into account that my users are generally people who
are learning how to handle technology ( I mean basics!!! From copy paste to
web development). 
 

Mime
View raw message