Re: [Zope] scary security questions
Paul Abrams <paulabrams@yahoo.com>
We are putting our site up and have some questions about Zope security relating to one of Zope's biggest benefits...remote administration. If some kid obtained access to the manage screens he could...well you know :(
1) What prevents someone from getting into the manage screens by cracking the admin username:password? Are failed login attempts logged anywhere? If not, is there any way to log them short of hacking the zope python code?
This is an excellent suggestion. Would you please post it to the Collector: http://classic.zope.org:8080/Collector/developer_input
2) Is there any way to turn off the manage screens, or set them so that they can only be run locally?
When you create a user with 'Manager' role, you can set the domains / IP addresses from which that user is allowed to log in.
5 er...3) Is there any way to run the manage screens on a different port than the rest of Zope? (i.e. not port 80) This would allow us to open/close that port in our firewall whenever we needed to access the manage screens remotely, or run it over a VPN.
SiteAccess plus Apache/SSL will do this for you.
What are other people doing to protect themselves?
The 'superuser' is about to become almost useless for standard site management (see the recent "Trojan" announcement for details). This is a Good Thing(TM), as it will induce people to create "management" users, which are much simpler to secure.

Tres.
--
=======================================================================
Tres Seaver tseaver@digicool.com http://www.zope.org
Digital Creations "Makers of Zope"
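As an added example that is not part of the original thread or of Zope itself: one way to get visibility into failed logins on the manage screens (question 1) without touching the Zope code is to scan the HTTP access log for repeated 401 responses on manage URLs. It assumes a Common Log Format access log, such as a fronting Apache would write; the function names, the threshold and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Common Log Format prefix: host ident user [time] "METHOD path PROTO" status size
CLF = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

def is_manage_path(path):
    """True when the last URL path segment is 'manage' or starts with 'manage_'."""
    last = path.split("?", 1)[0].rstrip("/").rsplit("/", 1)[-1]
    return last == "manage" or last.startswith("manage_")

def failed_manage_logins(lines, threshold=3):
    """Return {client: count} for clients with >= threshold 401s on manage URLs.

    A browser's first unauthenticated request also gets a 401 (the Basic auth
    challenge), so a single 401 is normal; the threshold (an assumed value)
    filters that out.
    """
    counts = Counter()
    for line in lines:
        m = CLF.match(line)
        if m and m["status"] == "401" and is_manage_path(m["path"]):
            counts[m["host"]] += 1
    return {host: n for host, n in counts.items() if n >= threshold}

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '203.0.113.9 - - [12/May/2000:10:01:01 -0400] "GET /manage HTTP/1.0" 401 0',
    '203.0.113.9 - admin [12/May/2000:10:01:02 -0400] "GET /manage HTTP/1.0" 401 0',
    '203.0.113.9 - admin [12/May/2000:10:01:03 -0400] "GET /manage_main HTTP/1.0" 401 0',
    '203.0.113.9 - root [12/May/2000:10:01:04 -0400] "GET /Control_Panel/manage_main HTTP/1.0" 401 0',
    '198.51.100.7 - - [12/May/2000:10:05:00 -0400] "GET /manage HTTP/1.0" 401 0',
    '198.51.100.7 - paul [12/May/2000:10:05:09 -0400] "GET /manage HTTP/1.0" 200 1234',
    '192.0.2.4 - - [12/May/2000:10:06:00 -0400] "GET /private HTTP/1.0" 401 0',
    '203.0.113.9 - - [12/May/2000:10:07:00 -0400] "GET /index_html HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    for host, n in failed_manage_logins(SAMPLE).items():
        print(f"{host}: {n} failed manage logins")
```

The legitimate login from 198.51.100.7 (one challenge, then a 200) stays under the threshold, while the client that keeps getting 401s across several manage URLs is reported.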
In article <391C3916.20D32849@digicool.com>, Tres Seaver <tseaver@digicool.com> wrote:
The 'superuser' is about to become almost useless for standard site management (see the recent "Trojan" announcement for details). This is a Good Thing(TM), as it will induce people to create "management" users, which are much simpler to secure.
One thing I haven't seen addressed WRT the limiting of superuser's access: How does one replace the top-level UserFolder? You can delete the old one, but then the only users that are left to work with are nobody and superuser, neither of whom is allowed to create anything. This also seems bad from a disaster recovery standpoint. Used to be, even if the top-level userfolder was screwed up you could still get in and fix things as superuser...
participants (2): Tres Seaver, tsarna@endicor.com