[Zope] zeo configuration
Jens Vagelpohl
jens at dataflake.org
Sun Nov 21 11:14:29 EST 2004
On Nov 21, 2004, at 15:30, Michael Martinides wrote:
> Hello!
>
> Is there any way to configure the zeo server to only listen to requests
> coming from the localhost? I couldn't find any documentation
> concerning the
> zeo configuration file.
>
> Basically, I would like to secure my zeo Server from access via the
> internet
> without resorting to iptables.
The safest way IMHO is to configure it and the ZEO client to
communicate via a socket file. Just insert a file path into the
"address" line in the ZEO server config and do the same on the ZEO
client side.
Whereas network sockets on localhost are still open to connections from
anyone the unix socket file can be protected by protecting its
surrounding filesystem directories (permissions on a socket file work
differently or not at all, that's why you secure the directories
surrounding it).
jens
More information about the Zope
mailing list