1 Jun
2000
1 Jun
'00
8:43 a.m.
Ragnar Beer wrote Howdy everyone!
I will soon have a Zope-site ready to go online. How can I make shure that I did everything (concerning Zope) to stop intruders? Where can I find information about protecting a Zope-site? Has anyone had security problems so far?
Easiest (most brutal?) fix I've found - hide Zope behind an Apache, and prohibit access to any URLs of the form .*/manage.* If you don't need to use basic auth to the Zope, then use a rewrite rule to strip out any Authentication headers in the requests. Anthony