[Zope] Major security flaw in Zope 2.3.2
Toby Dickenson
tdickenson@geminidataloggers.com
Thu, 07 Jun 2001 11:49:09 +0100
On Wed, 06 Jun 2001 14:05:06 -0700, sean.upton@uniontrib.com wrote:
>I've never heard of putting squid _between_ apache and ZServer, but why =
not
>put squid on the outside of your system as to not create extra latency?
Ive measured latency at moderate loads... for cache misses the
difference is negligible, largely because Zope has a relatively high
latency.
If you have some pages that are:
* uncacheable, and
* latency-critical
then you could use mod_rewrite to send them directly to Zope (not via
squid).
The advantages (for me) of putting Apache on the outside are virtual
hosting, and using mod_rewrite to pull other back-end servers into
Zope's URL namespace.
>I think squid is much more advanced than mod_proxy in terms of caching
>options and raw speed. I am currently setting up a ZEO cluster with =
nodes
>running ZServer sitting behind a pair of load-balanced squid caches
Interesting. Are you planning these two Squid's to be independant, or
peers?
Toby Dickenson
tdickenson@geminidataloggers.com