[thelist] Apache on Win32 (and shared hosting security)

Beau Hartshorne beau at members.evolt.org
Fri Aug 17 11:11:21 CDT 2001


David,

Thank you very much for your thoughtful reply to my question; I printed that
one. For anyone watching this topic:

<tip type="firewall">
If you don't want anyone trying to access any of your development
Apache/IIS/FTP/SMTP/SQL servers, get ZoneAlarm. By default, ZoneAlarm has an
unchecked checkbox under the "SECURITY" tab. Find "Block Internet Servers"
and check it. This will disallow anything from connecting to your local
machine.

But here's the rub: all your ftp programs will stop working. To communicate
with an ftp server, your local ftp program will open up a port for the
remote server to connect to. Once ZoneAlarm is configured to "Block Internet
Servers", it will block the remote ftp server from connecting to the port your
local ftp server just opened. To get around this, you have to make sure that
any program that uses ftp is set to "Passive Mode".
</tip>

Your comments on script security got me thinking -- if my site is hosted on
a shared server, what if someone got write access to the php files? Could
they then add a function to the checkout script to, say, email customer data
to an anonymous email address? Is there a way to automatically check for
this?

I guess with this one, you'd have to trust the host...

Cheers,

Beau

-----Original Message-----
From: thelist-admin at lists.evolt.org
[mailto:thelist-admin at lists.evolt.org]On Behalf Of David Altherr
Sent: August 16, 2001 9:06 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] Apache on Win32


As for the blocking ports via software: here is a review of ZoneAlarm with
links to several other software options:
http://www.zdnet.com/products/stories/reviews/0,4161,2576071,00.html
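
The active versus passive FTP behaviour described in the firewall tip above, as an added example that is not part of the original posts: it reads an FTP control-channel transcript and reports which data connections a "block all inbound" rule on the client machine would stop. The transcripts and addresses are constructed, and the function names are hypothetical.

```python
import re

# h1,h2,h3,h4,p1,p2 as used by the PORT command and the 227 (PASV) reply.
HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_hostport(text):
    """Return (ip, port) from a PORT argument or 227 reply, or None."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def data_connections(transcript):
    """For each data channel negotiated, report who listens and who connects."""
    found, pasv_pending = [], False
    for sender, line in transcript:          # sender: "C" client, "S" server
        verb = line.split(" ", 1)[0].upper()
        if sender == "C" and verb == "PORT":
            pasv_pending = False
            ep = parse_hostport(line)
            if ep:   # client listens, remote server connects in
                found.append({"mode": "active", "listener": ep, "inbound_to_client": True})
        elif sender == "C" and verb == "PASV":
            pasv_pending = True
        elif sender == "S" and pasv_pending and verb == "227":
            pasv_pending = False
            ep = parse_hostport(line)
            if ep:   # server listens, client connects out
                found.append({"mode": "passive", "listener": ep, "inbound_to_client": False})
    return found

def blocked_by_inbound_filter(transcript):
    """Data channels a 'block all inbound connections' rule on the client would stop."""
    return [c["listener"] for c in data_connections(transcript) if c["inbound_to_client"]]

# Constructed transcripts (documentation addresses, not captured traffic).
ACTIVE = [("C", "PORT 192,0,2,10,19,137"), ("S", "200 PORT command successful"),
          ("C", "LIST"), ("S", "150 Opening data connection")]
PASSIVE = [("C", "PASV"), ("S", "227 Entering Passive Mode (198,51,100,5,195,80)"),
           ("C", "LIST"), ("S", "150 Opening data connection")]

if __name__ == "__main__":
    print("active :", blocked_by_inbound_filter(ACTIVE))
    print("passive:", blocked_by_inbound_filter(PASSIVE))
```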




