Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 37916 invoked from network); 9 Feb 2005 18:14:57 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 9 Feb 2005 18:14:57 -0000 Received: (qmail 18953 invoked by uid 500); 9 Feb 2005 18:14:46 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 18939 invoked by uid 500); 9 Feb 2005 18:14:45 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 18922 invoked by uid 99); 9 Feb 2005 18:14:45 -0000 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=FORGED_RCVD_HELO,PRIORITY_NO_NAME X-Spam-Check-By: apache.org Received-SPF: neutral (hermes.apache.org: local policy) Received: from smtp10.wanadoo.fr (HELO smtp10.wanadoo.fr) (193.252.22.21) by apache.org (qpsmtpd/0.28) with ESMTP; Wed, 09 Feb 2005 10:14:45 -0800 Received: from me-wanadoo.net (localhost [127.0.0.1]) by mwinf1001.wanadoo.fr (SMTP Server) with ESMTP id C25CF18000A3 for ; Wed, 9 Feb 2005 19:14:42 +0100 (CET) Received: from freebie.atkielski.com (ASt-Lambert-111-2-1-3.w81-50.abo.wanadoo.fr [81.50.80.3]) by mwinf1001.wanadoo.fr (SMTP Server) with ESMTP id 273101800098 for ; Wed, 9 Feb 2005 19:14:38 +0100 (CET) X-ME-UUID: 20050209181442161.273101800098@mwinf1001.wanadoo.fr Received: from pix.atkielski.com (pix.atkielski.com [10.0.0.40]) by freebie.atkielski.com (8.13.1/8.13.1) with ESMTP id j19IEb30028595 for ; Wed, 9 Feb 2005 19:14:37 +0100 (CET) (envelope-from anthony@atkielski.com) Date: Wed, 9 Feb 2005 19:14:37 +0100 From: "Anthony G. Atkielski" Reply-To: users@httpd.apache.org X-Priority: 3 (Normal) Message-ID: <1637321046.20050209191437@atkielski.com> To: users@httpd.apache.org In-Reply-To: <007b01c50ed1$78d054c0$ce0aa8c0@parrysound.com> References: <0FF54EAC-7AC0-11D9-B134-000D933E3CEC@shire.net> <1310148301.20050209185121@atkielski.com> <007b01c50ed1$78d054c0$ce0aa8c0@parrysound.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked Subject: Re: [users@httpd] Favorite Linux Distribution X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Tim Burden writes: > Well, you'll want a cron daemon, and an ssh daemon and maybe some other > little handy things, but I certainly agree with this sentiment. Sure, there are some things you'll probably want to run on any system. But important stuff (things that will cause problems if they are compromised or stop working) should be isolated elsewhere. For example, if your Web server references a database to build pages for output, the actual DBMS and database themselves should be on a different machine. The Web server is exposed to the Net. The database server sees only the Web server. If your Web server is compromised, your database is still likely to be safe, especially if the interface between the two is restrictive, proprietary, and authenticated. Other services can be similarly isolated. Of course, you need hardware resources for all this, but if you have the means, it's the way to go. The idea of putting everything on a single machine seems to be very popular, perhaps because so many people running servers today have only PC desktop experience behind them. If budget constraints force you to run everything on one machine, then there isn't much that can be done, but if you have a choice, separate desktop and server, then separate the server even further into separate services: Apache on one machine, BIND on anothter, sendmail on another, your favorite DBMS on another, and so on. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org