LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   Apache = yes or no? (https://www.linuxquestions.org/questions/linux-general-1/apache-%3D-yes-or-no-4449/)

Jase 07-18-2001 09:38 PM

Apache = yes or no?
 
I have heard from some respectable people that they would NEVER run apache on their server due to security risks. Any thoughts on this? Any alternatives to a web server solution under linux? Also I have seen these front ends for apache and mail servers etc, etc,...is there any security risk with running these front end programs? Will they run under command line without X?

Sorry for being a TOTAL newbie,....I have been reading all the books I can find,....but real people doing this everyday have the knowledge ;)

Jason

gcombe74 07-18-2001 09:55 PM

I dont know what you have read or who you have talked to....
I will give you this link and you can decide if apache is what is best for you.

http://www.netcraft.co.uk/survey


other than that you can try using MSoft Internet Information Server...... I have both and can tell you that IIS is easier to config, but as with all ms products, reboot, reboot, reboot!!!


:Pengy: :Pengy: :Pengy: :Pengy: :Pengy:

Jase 07-18-2001 10:32 PM

so I see,......well then do you guys see any possible security risk by using these webadmin front ends?

mcleodnine 07-19-2001 02:22 AM

Webadmin frontends on the public interface? Not me. That's just plain crazed no matter what web server you use.

cinnix 07-19-2001 02:43 AM

I agree completely. The only time you should ever consider using webadmin software to configure anything is if it is behind the firewall on a computer with zero outside access. I can guarantee you that the webadmin software that you choose will be the least secure thing that you use no matter what server you choose.

IIS is very easy to configure and almost as easy to break into. (The IIS UNICODE vulnerability was the easiest exploit, I have seen in a long time. ) While there is no such thing as 'totally secure', Apache seems to have far less issues.


All times are GMT -5. The time now is 12:00 PM.