On Thu, Jan 11, 2007 at 12:25:26PM -0500, JPenny@ykksnap-america.com wrote:
zope-bounces@zope.org wrote on 01/11/2007 12:07:37 PM:
Hi,
I am writing a thesis about the security of Zope and have these questions. I am wondering if this is the right place to ask.
Is Zope behind Apache the only solution to provide SSL connection to Zope?
No, but it is the most common setup. Zope is believed to be very secure, but it has had, in no way, the amount of exposure, and thus battle-hardening that Apache has.
Moreover using another web server in front of Zope has other benefits -- 1) Static content can usually be displayed faster using a system tuned for static content, rather than one tuned for dynamic content. 2) URL-rewriting makes it possible to transparently distribute site site content to multiple Zope versions or multiple machines. 3) In some circumstances, the front-end webserver can provide caching services, reducing the load on the Zope portion.
I would add 4) the front-end server can provide "sanitizing" of requests from buggy or malicious clients. A search of the mail archives will find many people advising the same thing. I recently experienced it myself. I wasted a lot of time recently trying to find out why Zope was leaking memory on XML-RPC requests *only* from a certain client. The leak was small, but under load, Zope would exhaust the system's memory after a few days. I could never determine the cause, nor could I provoke the leak with other clients. Then one day, the client switched from one Java XML-RPC library (an old version of the Apache xmlrpc library) to another (Redstone I think), and immediately the symptom stopped. Zope's memory usage became quite stable. Nothing else was changed. A good, battle-tested reverse proxy in front of Zope should help protect against that kind of thing. -- Paul Winkler http://www.slinkp.com