Nginx security problem

Jim Ohlstein jim at ohlste.in
Sun Dec 6 01:30:57 MSK 2009


Michael Shadle wrote:
> On Sat, Dec 5, 2009 at 1:58 PM, Steve <steeeeeveee at gmx.net> wrote:
> 
>> Then Softlayer does not understand anything about security. Security is not a tool nor is it something you apply once and then forget about it. Security is a process. You constantly need to take care of it. Sometimes it is technical (hardware that can be installed, software that can be hardened, etc) and sometimes it is organizational (you have a checklist to follow in case of a security breach, you alert a security person in case of a security breach, you close your forum for X hours in case of a security breach/break, etc).
> 
> Actually, SoftLayer is quite security-focused. I am a customer and
> have been quite happy with them.

I would agree. Softlayer is an excellent host which I have used on and 
off over the years for different needs. I think this is their reaction 
to a customer for whom they cannot provide hand-holding services.

> 
> They are doing the standard "fix your servers or we'll cut you off" -
> they're not saying security is a "tool" - they're telling him that he
> needs to hire someone they trust to fix his servers up as he does not
> seem to be equipped to, or they will shut him off. It's not worth the
> overhead they have to take on to have people who don't know how to
> manage their own servers.
> 
> FYI: I run 0.8.x. I run the latest possible version Igor puts out
> whenever I have time to update.
> 
> As someone once told me, "Igor's betas are more stable than most
> people's stable versions" and I would have to agree. I've never run
> into an issue or bug that had to do with a new version of nginx
> because I happened to be running a "beta" - all of my issues are
> mainly due to something lacking or needing more understanding on how
> to work around a configuration limitation, etc.

It does happen, however, as it did to me. See the thread at 
http://forum.nginx.org/read.php?2,5301. The difference is that Igor 
fixed it in under 24 hours.

> 
> Never something as stupid as "gzip + aliased locations doesn't work"
> as another popular alternative webserver that flies light had broken
> in it for over a year before it was fixed...
> 


-- 
Jim Ohlstein


