[Zope] Important Security Concerns
Riku Voipio
Riku.Voipio@tietoenator.com
Tue, 12 Sep 2000 17:59:00 +0300
On Tue, Sep 12, 2000 at 08:31:52AM -0400, Coleman, Bryan wrote:
> That would cause another whole set of problems, unless apache is inherity
> more secure than Medusa. I was really wondering what the risks are
> associated with those two options.
I think Zope behind apache is more secure than zope behind medusa,
bacause of:
1. Finer grained control on access.
One can add lines like the following:
RewriteCond %{REMOTE_ADDR} !^10\.0\.0\.(.*)
RewriteRule ^/Zope.*manage - [F]
Which would mean that only users from 10.0.0.* can
access managment interfaces.
2. Wider usage of apache (a lot more security auditing)
this is heavily IMHO.
> > > Option A: Poke a hole through our firewall on the primary http port or
> > on
> > > port 8080 to allow Zope pages through and then require authentication on
> > the
> > > first page.
> > > Option B: Set up a DMZ off the firewall to allow the same as the above.
I assume that you would firewall the DMZ as well. With a setup which
allows maintainance to the ftp/ssh/whatever ports from your lan and
only http traffic from elsewhere, this would be slightly more secure
than having the server on your lan.
Is it worth depends on how much you trust on the potential users, and
how much time you hcope with the extra maintainance load of the DMZ.
Assuming you don't already have a DMZ...
If you have limited set of extranet users, you can tighten up by restricting
access at firewall only from IP address ranges of your clients.
--
Riku Voipio
riku.voipio@tietoenator.com
09-862 60764