Webapps denying all outside access by default?
Reindl Harald
h.reindl at thelounge.net
Sun Jul 21 13:18:10 UTC 2013
Am 20.07.2013 23:28, schrieb Adam Williamson:
> On Sat, 2013-07-20 at 23:07 +0200, Reindl Harald wrote:
>>
>> Am 20.07.2013 22:59, schrieb Adam Williamson:
>>>> You should also be albe to use a reload, not necessarily a restart, to
>>>> get it working. (Although I've not been trying this with systemd!)
>>>
>>> 'apachectl reload' didn't seem to do the job.
>>
>> because it does not exist
>>
>> "apachectl graceful" or "systemctl reload http.service"
>> http://httpd.apache.org/docs/2.2/programs/apachectl.html
>>
>>
>>> It's a 'safer' default in the same way that a computer that's turned off
>>> is safer than one that's turned on, I guess...though I suppose lots of
>>> webapps do have initial configuration that you want to make sure is not
>>> run remotely, obviously. But it does leave the rpmnew problem
>>
>> besides that these are config *examples* and not for production
>> means they should not be overwritten after configuration:
>>
>> /etc/httpd/conf.d/z-name-allow.conf
>> <Directory /usr/share/name>
>> whatever you need to override
>> </Directory>
>
> If they are intended as examples they should be packaged as such; they
> are not
why?
a local setup for testing and development is pretty satisfied with only
rechable from localhost, 1 out of 1000 users have the intention to run
these packages in production and if so they need a lot more to care
starting with open_basedir and disable_functions
the other 999 doing their work local and move it later on a public server
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130721/9b7192ec/attachment.sig>
More information about the devel
mailing list