[Zope] Some questions regarding Zope hosting

[Toby Dickenson]

On Wednesday 29 May 2002 6:19 pm, Dennis Allison wrote:

> Can you explain why using only Medusa/Zserver is "very bad"?

There are a number of denial-of-service vulnerabilities in medusa's http=20
handling, if it is given certain kinds of malformed or atypical http=20
conversations.

>  I was under
> the impression that the usual Apache approach simply delegates to the Z=
ope
> native webserver without doing much of anything except eating machine
> cycles.

Im more familiar with Squid, which definitely sanitizes the http conversa=
tion.=20
(That is, the designers of squid anticipated the mistakes made by the=20
designers of medusa)

I always assumed apache/mod_proxy did the same thing....