[Zope] ZServer security question

Dieter Maurer dieter@handshake.de
Wed, 26 Jun 2002 21:24:43 +0200

Doug Chamberlin writes:
 > I've seen some people advise not placing a ZServer server directly 
 > accessible on the Internet due to security concerns. I guess the 
 > recommended practice is to front the Zope service via Apache, et al. I have 
 > no great objection to this but I'd like to know more about why. Zope, 
 > itself, appears to this newbie to be reasonably secure with the user_acl 
 > stuff built in. Are appearances deceiving?
Please search the mailing list archives.

      Once, I saw a comprehensive list there...