[thelist] Mod_rewrit and classic sysadmin response

Tony Page zamba at zamba.com
Wed Dec 10 18:24:57 CST 2003


David Kaufman wrote:
> all the info you need about mod_rewrit is right there in that
> statement: it uses the worst form of security: obscurity.  "we can't
> tell you anything about it" translates to: it's only "secure" because
> so few people have a) of it (yet), b) seen the source code (if
> anyone, yet), widely tested it (yet) and/or found any bugs or
> security holes in it ... yet.     
> 
>> [...] or ideas about workarounds?
> 
> work around #1: find a better web hosting provider: (see www.pair.com)
> 
> -dave

Ain't that the truth! It may well come to the second option for this
site, unfortunately my current technical financial set-up limits
wholesale switching without considerable effort. I'm tempted to go for a
dedicated server and put all the sites on that, but I'm concerned about
putting all my eggs in one basket, so to speak. The prospect of a dozen
clients on my neck simultaneously is not attractive! What do other small
shops do, run a back-up server?
As I'm in Australia, and frankly the best server/ISP deals are in the
States, I have to make sure I've got a stable set-up. 

Tony 



More information about the thelist mailing list