[Zope] ZServer+SiteAccess+Apache+SSL

Steve Drees drees@the-bridge.net
Wed, 21 Jun 2000 10:41:00 -0500


> -----Original Message-----
> From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of T.J.
> Mannos
> Sent: Wednesday, June 21, 2000 9:42 AM
> To: IPM Return requested Receipt notification requested
> Subject: RE: [Zope] ZServer+SiteAccess+Apache+SSL
>
>
> I got Apache+mod_ssl+OpenSSL working, and I just threw it into the mix.  I
> have two virtual hosts, one HTTP on port 80 and one SSL on port 443.  Both
> do nothing but ProxyPass to the same http:// address on port
> 9080.  I don't
> know if I like that solution, though.
>
> This solution "looks" secure, but I'm not so sure.  It's a secure
> connection
> between the client and the server, and, since Zope and Apache are on the
> same machine, there's no insecure communication over our LAN.
> However, if I
> happen to have a hacker running a packet sniffer on my server,
> I'm screwed.

If you have a hacker running a sniffer on your server you are screwed
regardless of your system configuration.