[ZendTo] Re: Hardening Zendto
John Cooper
johnpcooper at yahoo.com
Wed May 25 13:53:16 BST 2011
On 25/05/11 12:55, Jules wrote:
>
>>
>> 3.) using mod_security as module for apache
>>
> Do I need this? It adds another level of complexity to things, unless
> there are yum and apt packages of it that I can just include. Do you
> know if there are?
Yes, mod_security is a yum package and just needs an Apache restart to
activate. The problem is you would have to test with and without to
ensure all users are covered. It is possible mod_security could bloke a
legitimate Zento url or any other application running on the web server
so anyone using it would also need to test thoroughly. However it is an
excellent security tool with minimal setup required.
John.
More information about the ZendTo
mailing list