Zope runs just fine without anything in front of it and despite the issues you mentioned have never had the slightest problem. Cheers. -- Andy McKay. ----- Original Message ----- From: <abg@comco-inc.com> To: <zope@zope.org> Sent: Tuesday, October 09, 2001 9:17 AM Subject: [Zope] Can Zope 2.4.0 be run "naked" (without Apache/Squid/IIS)?
On the "Zope Changes" page for Zope 2.4.0 (http://www.zope.org/Products/Zope/2.4.0/CHANGES.txt), one of the changes mentioned is "Fixed handling of invalid HTTP requests."
One of the main arguments (as I understood them) for running Zope behind Apache/Squid/IIS was that Zope was susceptible to denial of service attacks due to the way it handled HTTP requests. The Apache/Squid/IIS front-end was used to sanitize the HTTP request.
Does the change made with the release of 2.4.0 fix this problem? If so, what other roadblocks are there to running Zope "naked"?
Thanks,
Aaron Gillette abg@comco-inc.com
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )