25 Jun
2002
25 Jun
'02
5:58 p.m.
I've seen some people advise not placing a ZServer server directly accessible on the Internet due to security concerns. I guess the recommended practice is to front the Zope service via Apache, et al. I have no great objection to this but I'd like to know more about why. Zope, itself, appears to this newbie to be reasonably secure with the user_acl stuff built in. Are appearances deceiving?