httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@learningmeasure.org
Subject Re: security question
Date Fri, 29 Mar 2002 00:13:15 GMT
I would use ssh instead of telnet, and scp or sftp instead of ftp. Also use 
something like Bastille to help make your system more secure. Others might 
have different suggestions. 

Check these websites out: 

http://www.openssh.com/
http://www.bastille-linux.org/ 

David Archer 

Casas, Claudia writes: 

> Forgive me if this is not the most adequate place for this question, but it
> is somehow related to my web accounts in apache.
> My linux 7.2 server needs to be accessed through ftp from anyplace 24 hours
> a day by using wu-ftp.
>  
> I already set up my ftp so that each user can login using their account
> password and see their homedirs as their root, with no further access (guest
> ftp).
> I have already taken off any anynomous or real ftp (access to everything in
> the system).  I have restricted any telnet access to the accounts as well.
> But, I still would like to know if there is anything else I can do to
> protect my server. I know that ftp is a security treat. Is there any
> resource where I can read about how to bullet proof my server even when
> allowing ftp access?? My requirements are that ftp access is essential for
> my server. You know, I have clients who think that ftp is easiest program to
> use to modify or add their web content. I would really appreciate if you can
> recommend me a good book, http address, anything on how to secure my apache
> web server and accounts.
>  
> I read the email about webdav by Saqib Ali. It seems really interesting to
> me, especially for my situation. But one question: how easy is for the users
> to learn??? Please take into account that my users are generally people who
> are learning how to handle technology ( I mean basics!!! From copy paste to
> web development). 
>  
 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message