We are putting our site up and have some questions about Zope security relating to one of Zope's biggest benefits...remote administration. If some kid obtained access to the manage screens he could...well you know :( 1) What prevents someone from getting into the manage screens by cracking the admin username:password? Are failed login attempts logged anywhere? If not, is there any way to log them short of hacking the zope python code? 2) Is there any way to turn off the manage screens, or set them so that they can only be run locally? 5 er...3) Is there any way to run the manage screens on a different port than the rest of Zope? (i.e. not port 80) This would allow us to open/close that port in our firewall whenever we needed to access the manage screens remotely, or run it over a VPN. What are other people doing to protect themselves? Thanks in advance, -Paul __________________________________________________ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/