Hello, I've looked through all the docs, FAQs and threads of the Zope list for some of these answers and haven't found a clear method described. I'll apologize now if the questions seem obvious, but I'm new to deploying Zope on a web server and need some initial Zope setup guidance. Question 1: Under Zope, what is the proper way to configure the website so users can simply go to http://www.example.com instead of: http://www.example.com/example http://www.example.com:9673/ etc. My understanding is that the mod_rewrite rules will have to come into effect here. Will I also need to do a re-direct of some type? I need some way to direct all URL requests so they are re-written to point to the correct Zope folder. The ideal for me is to have a series of folders in Zope that contain separate websites. The sites can be virtual hosted as needed (although right now I'm only running one site). I can't find a clear description of how to make this happen. Also I don't want to run a separate Zope process and proxy people to the port. I want to have everything running on port 80. I'll have to agree with other posters that a tutorial on the design of the actual Zope site with Zope would be very helpful as they are using a layout of html and hierarchy that is very similar to what I'm pursuing. In fact if someone could provide me with a description of the config they're using it would be a huge help. Question 2: Under .DTML construction of links is it generally considered "better" Zope practice to reference the entire URL or the Zope object hierarchy directly? Question 3: I don't want tracebacks to appear under any circumstances to the end users. I haven't tried anything to counter this yet, but wanted to know what some others have done. Would an approach to this be a try/except positioned in the standard_html_header and footer files? Ideally I would like to catch all exceptions and have it automatically mail the exceptions to the webmaster instead of showing the user (In fact I think this would be a good feature for the product). Question 4: Has anyone pursued a security audit of the Zope code? I've been considering doing this (not that I don't trust the Zope developers, it's just that I don't trust anyone) and would like to work with others if possible. Several of the sites I admin get hacked on very frequently and I'm a little nervous about replacing static web pages with no CGI running anywhere with the exact opposite end of the spectrum with Zope. :) I'm also going to prepare a document describing how to run Zope in a chroot() environment under UNIX to increase security. I'll let the list know when it is complete. Thank you for any responses, -- Craig