Nginx securiy problem

Steve steeeeeveee at
Fri Dec 4 03:36:57 MSK 2009

-------- Original-Nachricht --------
> Datum: Thu, 3 Dec 2009 16:22:27 -0800
> Von: Michael Shadle <mike503 at>
> An: nginx at
> CC: nginx at
> Betreff: Re: Nginx securiy problem

> On Thu, Dec 3, 2009 at 3:03 PM, Steve <steeeeeveee at> wrote:
> > What? Because of mailman you run Apache? Well... I do run mailman 2.1.12
> here on top of nginx 0.8.29 without any issues. No Apache involved in any
> way. I don't see any reason to use Apache for mailman.
> yeah - CGI-based stuff i run apache behind nginx for those couple
> things. i always have nginx on the frontend.
I only have one instance of Apache that I use and it's used for web pages that I know are not easy to handle for me (from the security viewpoint). So I run mod_security on that Apache instance and other stuff that helps me to narrow down the possible security problems. It does not prevent them but I can sleep better knowing that mod_security and other tools are doing a good job in preventing the most obvious issues.

Every where else I use nginx. Some time as stand alone and in some instances as a load balancer and and and...

> how do you run mailman directly?
I did not say I run it directly. I run it as a FCGI instance with the help of FcgiWrap ( And I do the same for other CGI applications (for example the DSPAM WebUI, AWStats, for cgi-bin directory, etc).

> _______________________________________________
> nginx mailing list
> nginx at

Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3.5 -
sicherer, schneller und einfacher!

More information about the nginx mailing list